Ulisting (Wordpress Plugin)

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:stylemixthemes:ulisting_(wordpress_plugin):*:*:*:*:*:*:*:*

part: a version: * update: *

VendorStylemixthemes (a955917c-2229-564b-bd01-1fb4beeda74f)
ProductUlisting (Wordpress Plugin) (54c8971c-1048-51fb-a245-e210a5cbbe09)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-36880 vulnerable 2026-06-03 14:44:59.310434 WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability
HIGH (8.6)
Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.
Published: 2021-09-27T15:32:46.608Z
Updated: 2026-04-28T16:07:36.147Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36879 vulnerable 2026-06-03 14:44:59.309962 WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability
CRITICAL (9.8)
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.
Published: 2021-09-27T15:32:14.511Z
Updated: 2026-04-28T16:07:35.936Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36878 vulnerable 2026-06-03 14:44:59.309502 WordPress uListing plugin <= 2.0.5 - Settings Update via Cross-Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings.
Published: 2021-09-27T14:12:59.645Z
Updated: 2026-04-28T16:07:35.937Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36877 vulnerable 2026-06-03 14:44:59.309036 WordPress uListing plugin <= 2.0.5 - Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles.
Published: 2021-09-27T15:32:29.761Z
Updated: 2026-04-28T16:07:35.829Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36876 vulnerable 2026-06-03 14:44:59.308538 WordPress uListing plugin <= 2.0.5 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
MEDIUM (5.4)
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages.
Published: 2021-09-27T15:32:23.393Z
Updated: 2026-04-28T16:07:35.831Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36874 vulnerable 2026-06-03 14:44:59.304991 WordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerability
HIGH (7.1)
Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).
Published: 2021-09-27T15:32:39.576Z
Updated: 2026-04-28T16:07:35.770Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.