CVE-2021-36879: WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability
First published: Tue Jul 27 2021(Updated: )
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stylemixthemes Ulisting | <=2.0.5 |
Remedy
Update to 2.0.6 or higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this WordPress uListing plugin vulnerability?
The vulnerability ID for this WordPress uListing plugin vulnerability is CVE-2021-36879.
What is the severity of CVE-2021-36879?
The severity of CVE-2021-36879 is critical with a severity value of 9.8.
What is the affected software for CVE-2021-36879?
The affected software for CVE-2021-36879 is the uListing plugin for WordPress versions up to and including 2.0.5.
How can the vulnerability be exploited?
The vulnerability can be exploited by an unauthenticated attacker if WordPress configuration allows user registration.
Is there a patch or fix available for CVE-2021-36879?
Yes, a patch or fix is available for CVE-2021-36879. Please refer to the provided references for more information.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/severity
- agent/last-modified-date
- agent/title
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/stylemixthemes
- canonical/stylemixthemes ulisting
- version/stylemixthemes ulisting/2.0.5