cleantalk
Vulnerabilities and Security Researches

Web Directory Free, CVE-2024-3669

CVE, Research URL

CVE-2024-3669

Home page URL

Security reports for Web Directory Free

Application

Web Directory Free

Published on
Jul 30, 2024
Research Description
The Web Directory Free WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
Min -, max 1.7.2.
Status
vulnerable
Previous vulnerability researches
Web Directory Free (CVE-2025-30908) , Apr 05, 2025
Web Directory Free (CVE-2023-2201) , Jun 07, 2024
Web Directory Free (CVE-2024-3552) , Jun 07, 2024
Web Directory Free (CVE-2024-3673) , Sep 02, 2024
Web Directory Free (CVE-2024-3669) , Aug 01, 2024
New vulnerability
BlockStrap Page Builder Blocks (CVE-2025-30951) , Jun 15, 2025
Newsletter – Send awesome emails from WordPress (CVE-2025-3584) , Jun 15, 2025
Woocoommerce Wishlist for Website Designers (High customization, fast setup,Free Elementor Wishlist, most features) (CVE-2025-47487) , Jun 15, 2025
WP Featured Content Slider (CVE-2025-30634) , Jun 15, 2025
WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) (CVE-2025-49285) , Jun 15, 2025