Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings < 8.5.3 – Missing Authorization to Authenticated (Subscriber+) Data Export and Slug Update | CVE 2025-12174 | Plugin Vulnerabilities

Description

The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'directorist_prepare_listings_export_file' and 'directorist_type_slug_change' AJAX actions in all versions up to, and including, 8.5.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to export listing details and change the directorist slug.

Affects Plugins

Fixed in 8.5.3

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/796c0ded-3a23-4dd6-968a-a8e60bd8ea0e

Classification

Type

NO AUTHORISATION

OWASP top 10

A5: Broken Access Control

CWE

CVSS

Miscellaneous

Original Researcher

Rafshanzani Suhada

Verified

No

WPVDB ID

a357f270-bc1a-4890-87ca-b904ea3b638f

Timeline

Publicly Published

2025-11-18 (about 6 months ago)

Added

2025-11-18 (about 6 months ago)

Last Updated

2025-11-19 (about 6 months ago)

Other

Published

Title

Published

2024-11-28

Title

Chatter <= 1.0.1 - Missing Authorization

Published

2025-07-24

Title

Frontend File Manager < 22.0 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

Published

2024-03-28

Title

Finale Lite < 2.18.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation and Activation

Published

2025-12-04

Title

ERP < 1.16.8 - Missing Authorization

Published

2025-12-11

Title

Laser <= 1.1.1 - Missing Authorization