Filtered by vendor Wpgeodirectory
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-0278 | 1 Wpgeodirectory | 1 Geodirectory | 2025-03-10 | N/A | 7.2 HIGH |
| The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. | |||||
| CVE-2025-26967 | 1 Wpgeodirectory | 1 Events Calendar* | 2025-03-07 | N/A | 8.8 HIGH |
| Deserialization of Untrusted Data vulnerability in Stiofan Events Calendar for GeoDirectory allows Object Injection. This issue affects Events Calendar for GeoDirectory: from n/a through 2.3.14. | |||||