cleantalk
Vulnerabilities and Security Researches

Directory Listings WordPress plugin – uListing, CVE-2021-36877

CVE, Research URL

CVE-2021-36877

Home page URL

Security reports for Directory Listings WordPress plugin – uListing

Application

Directory Listings WordPress plugin – uListing

Published on
Sep 27, 2021
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
Affected versions
Min -, max 2.0.6.
Status
vulnerable
Previous vulnerability researches
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36875) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36877) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36880) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36874) , Jun 07, 2024
Directory Listings WordPress plugin &#8211; uListing (CVE-2021-36876) , Jun 07, 2024
New vulnerability
Export All Posts, Products, Orders, Refunds &amp; Users (CVE-2025-2332) , Mar 28, 2025
Doneren met Mollie (CVE-2025-30779) , Mar 28, 2025
Cart tracking for WooCommerce (CVE-2025-30791) , Mar 28, 2025
Church Admin (CVE-2025-26941) , Mar 28, 2025
Audio Album (CVE-2025-30780) , Mar 28, 2025