Wp Directorybox Manager

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:chimpstudio:wp_directorybox_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorChimpstudio (c3314495-e456-52cc-9712-bd8543d1a332)
ProductWp Directorybox Manager (2f9ac1a9-fd54-5eb4-99cf-4b29c8b5cb61)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-0316 vulnerable 2026-06-08 07:02:24.346511 WP Directorybox Manager <= 2.5 - Authentication Bypass
CRITICAL (9.8)
The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
Published: 2025-02-08T21:20:58.901Z
Updated: 2026-04-08T16:48:05.213Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-13182 vulnerable 2026-06-08 06:25:36.915971 WP Directorybox Manager <= 2.5 - Authentication Bypass
CRITICAL (9.8)
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_parse_request' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator.
Published: 2025-02-13T12:41:51.470Z
Updated: 2026-04-08T17:31:02.192Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.