Strategy11: >> Awp Classifieds Security Vulnerabilities
Missing Authorization vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-06-09
Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin <= 4.3 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-06
The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection
CVSS Score
9.8
EPSS Score
0.167
Published
2022-10-31
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-01-13
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.
CVSS Score
7.5
EPSS Score
0.019
Published
2015-01-13