Directorist
wpWax
Developer
8.6.6
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
2 present
17 patched
10 Mitigation rules
- Broken Access Control vulnerability<= 8.6.627/01/2026
- Open Redirection vulnerability<= 8.6.615/12/2025
- Missing Authorization to Authenticated (Subscriber+) Data Export and Slug Update vulnerability<= 8.5.218/11/2025
- Authenticated (Subscriber+) Arbitrary File Move vulnerability<= 8.4.825/10/2025
- Missing Authorization to Unauthenticated Arbitrary Post Publishing vulnerability<= 8.224/03/2025
- Privilege Escalation and Account Takeover via Weak OTP vulnerability<= 8.127/02/2025
- Unauthenticated User Information Exposure vulnerability<= 8.0.1231/01/2025
- Broken Access Control vulnerability<= 7.8.629/04/2024
- Missing Authorization to Unauthenticated Settings Change vulnerability<= 7.8.413/02/2024
- CSV Injection<= 7.7.105/09/2023
- Broken Access Control<= 7.7.104/09/2023
- Arbitrary Content Deletion vulnerability<= 7.5.413/06/2023
- Authenticated Privilege Escalation Vulnerability<= 7.5.407/06/2023
- Authenticated Arbitrary Post Deletion Vulnerability<= 7.5.407/06/2023
- Auth. Insecure Direct Object References (IDOR) vulnerability<= 7.4.2.121/11/2022
- Unauthenticated Email Address Disclosure vulnerability<= 7.3.010/08/2022
- Authenticated Arbitrary E-mail Sending vulnerability<= 7.2.326/07/2022
- Authenticated Arbitrary File Upload vulnerability<= 7.2.218/07/2022
- Cross-Site Request Forgery (CSRF) vulnerability leading to Remote File Upload<= 7.0.6.118/11/2021