2025-03-25 05:22:48
Wordfence
PUBLISHED
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the parse_query function in all versions up to, and including, 8.2. This makes it possible for unauthenticated attackers to update the post_status of any post to publish.