GCVE - cpe:2.3:a:wpwax:directorist:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpwax:directorist:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Wpwax (`29e8d6fe-c9fa-59bf-8dd1-08817559bd7a`)
Product	Directorist (`51cdf9e8-a04e-5997-a723-7decdaba95fa`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/sovware/directorist`	purl2cpe	2026-06-01 10:16:03.299767

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-39509`	vulnerable	2026-06-03 15:22:12.664988	WordPress Directorist plugin <= 8.5.10 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through <= 8.5.10. Published: 2026-04-08T08:30:14.240Z Updated: 2026-04-29T09:52:02.099Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/directorist/vulnerability/wordpress-directorist-plugin-8-5-10-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-68069`	vulnerable	2026-06-03 15:11:02.810788	WordPress Directorist plugin <= 8.6.6 - Broken Access Control vulnerability HIGH (7.1) Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through <= 8.6.6. Published: 2026-02-20T15:46:38.064Z Updated: 2026-04-28T16:14:28.215Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/directorist/vulnerability/wordpress-directorist-plugin-8-5-6-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-64250`	vulnerable	2026-06-03 15:09:37.581923	WordPress Directorist plugin <= 8.6.6 - Open Redirection vulnerability MEDIUM (4.7) URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.6.6. Published: 2025-12-16T08:12:49.689Z Updated: 2026-04-28T16:14:12.731Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/directorist/vulnerability/wordpress-directorist-plugin-8-5-6-open-redirection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33929`	vulnerable	2026-06-03 14:55:53.190709	WordPress Directorist plugin <= 7.8.6 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in wpWax Directorist.This issue affects Directorist: from n/a through 7.8.6. Published: 2024-05-03T08:21:08.156Z Updated: 2026-04-28T16:09:46.599Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/directorist/wordpress-directorist-plugin-7-8-6-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-35052`	vulnerable	2026-06-03 14:52:17.657745	WordPress Directorist plugin <= 7.5.4 - Arbitrary Content Deletion vulnerability MEDIUM (4.3) Missing Authorization vulnerability in wpWax - WP Business Directory Plugin and Classified Listings Directory Directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through 7.5.4. Published: 2024-12-13T14:23:39.917Z Updated: 2026-04-28T16:08:29.504Z Open on db.gcve.eu Reference links https://patchstack.com/database/wordpress/plugin/directorist/vulnerability/wordpress-directorist-plugin-7-5-4-arbitrary-content-deletion?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.