Approved changes feed: RSS · Atom

cpe:2.3:a:stylemix:ulisting:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorStylemix (c2170171-f70b-5bf4-89aa-da5048b14251)
ProductUlisting (bebbaef4-25b6-5385-bdd5-d362febce180)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-28138 vulnerable 2026-06-08 07:55:14.978887 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability
HIGH (7.2)
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0.
Published: 2026-02-26T08:33:37.089Z
Updated: 2026-04-28T16:15:09.459Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-28078 vulnerable 2026-06-08 07:55:14.894433 WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability
MEDIUM (4.9)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Stylemix uListing ulisting allows Path Traversal.This issue affects uListing: from n/a through <= 2.2.0.
Published: 2026-03-05T05:54:21.873Z
Updated: 2026-04-28T17:40:54.915Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-32662 vulnerable 2026-06-08 07:19:00.378169 WordPress uListing plugin <= 2.2.0 - Deserialization of untrusted data vulnerability
HIGH (8.8)
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through <= 2.2.0.
Published: 2025-04-17T15:47:01.613Z
Updated: 2026-05-12T00:11:50.380Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-32122 vulnerable 2026-06-08 07:18:59.180954 WordPress uListing plugin <= 2.2.0 - SQL Injection vulnerability
HIGH (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through <= 2.2.0.
Published: 2025-04-04T15:58:22.949Z
Updated: 2026-04-28T16:12:16.741Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-25151 vulnerable 2026-06-08 07:12:50.757142 WordPress uListing Plugin <= 2.1.6 - SQL Injection vulnerability
HIGH (8.5)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows SQL Injection.This issue affects uListing: from n/a through <= 2.1.6.
Published: 2025-02-07T10:11:55.739Z
Updated: 2026-05-11T23:30:59.259Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-25150 vulnerable 2026-06-08 07:12:50.756806 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-47344 vulnerable 2026-06-08 06:48:11.814534 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.