cleantalk
Vulnerabilities and Security Researches

Directory Listings WordPress plugin – uListing, CVE-2021-36877

CVE, Research URL

CVE-2021-36877

Home page URL

Security reports for Directory Listings WordPress plugin – uListing

Application

Directory Listings WordPress plugin – uListing

Published on
Sep 27, 2021
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
Affected versions
Min -, max 2.0.6.
Status
vulnerable
Previous vulnerability researches
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36875) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36877) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36880) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36874) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36876) , Jun 07, 2024
New vulnerability
Password Protected &#8211; Ultimate Plugin to Password Protect Your WordPress Content with Ease (CVE-2025-3453) , Apr 18, 2025
Site Search 360 (CVE-2025-39530) , Apr 17, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2025-39589) , Apr 17, 2025
Essential Addons for Elementor &#8211; Best Elementor Templates, Widgets, Kits &amp; WooCommerce Builders (CVE-2025-39590) , Apr 17, 2025
Basic Interactive World Map (CVE-2025-39517) , Apr 17, 2025