WordPress Plugin Vulnerabilities

Business Directory Plugin - Easy Listing Directories for WordPress < 6.4.15 - Insecure Direct Object Reference to Listing Arbitrary Image Addition

Description

The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.14 via the 'ajax_listing_submit_image_upload' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to add arbitrary images to listings.

Affects Plugins

Plugin icon
business-directory-plugin
Fixed in 6.4.15

References

CVE
CVE-2024-13887
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/06c3de6d-92e7-46f8-86a9-37f027767fc0

Classification

Type
IDOR
OWASP top 10
A5: Broken Access Control
CWE
CWE-639
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Rein Daelman (trein)
Verified
No
WPVDB ID
23b409f4-24b1-46dd-93b0-03fd19439208

Timeline

Publicly Published
2025-03-12 (about 1 year ago)
Added
2025-03-12 (about 1 year ago)
Last Updated
2025-03-13 (about 1 year ago)

Other

Published
Title
Published
2023-02-14
Title
Popup Builder by OptinMonster < 2.12.2 - Subscriber+ Arbitrary Post Content Disclosure
Published
2026-01-06
Title
Optional Email <= 1.3.11 - Unauthenticated Privilege Escalation to Account Takeover
Published
2024-01-04
Title
Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
Published
2025-05-13
Title
PeepSo Core: File Uploads < 6.4.6.1 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via file_download
Published
2025-12-29
Title
Struktur <= 2.5.1 - Authenticated (Subscriber+) Insecure Direct Object Reference