Known Vulnerabilities for GeoDirectory by Paolo
Listed below are 10 of the newest known vulnerabilities associated with "GeoDirectory" by "Paolo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57681 json | Subscriber Server Side Request Forgery (SSRF) in GeoDirectory <= 2.8.161 versions. | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-54831 json | Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions. | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-42671 json | Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Le... | Not Provided | 2026-06-01 | 2026-06-01 |
| CVE-2026-39532 json | Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-39512 json | Unauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions. | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-11616 json | The Events Calendar for GeoDirectory plugin for WordPress is vulnerable to Privilege Escalation in versions up to and includi... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2025-26967 json | Deserialization of Untrusted Data vulnerability in Stiofan Events Calendar for GeoDirectory events-for-geodirectory allows Ob... | Not Provided | 2025-03-03 | 2026-04-23 |
| CVE-2024-56259 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo GeoDirectory geod... | Not Provided | 2025-01-02 | 2026-04-23 |
| CVE-2024-50437 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo GeoDirectory geod... | Not Provided | 2024-10-28 | 2026-04-23 |
| CVE-2023-50845 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AyeCode - WordPress Bus... | Not Provided | 2023-12-28 | 2026-04-28 |