cleantalk
Vulnerabilities and Security Researches

DirectoryPress – Business Directory And Classified Ad Listing, CVE-2025-62967

CVE, Research URL

CVE-2025-62967

Home page URL

Security reports for DirectoryPress – Business Directory And Classified Ad Listing

Application

DirectoryPress – Business Directory And Classified Ad Listing

Published on
Oct 27, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in designinvento DirectoryPress directorypress allows DOM-Based XSS.This issue affects DirectoryPress: from n/a through <= 3.6.25.
Affected versions
max 3.6.25.
Status
vulnerable
Previous vulnerability researches
Playerzbr (CVE-2025-11825) , Nov 10, 2025
New vulnerability
Tutor LMS &#8211; eLearning and online course solution (CVE-2025-11564) , Nov 10, 2025
Product Addons &amp; Fields for WooCommerce (CVE-2025-11391) , Nov 10, 2025
Product Addons &amp; Fields for WooCommerce (CVE-2025-11691) , Nov 10, 2025
wpNamedUsers (CVE-2025-48083) , Nov 10, 2025
Colibri Page Builder (CVE-2025-9560) , Nov 10, 2025