- Description
- The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication in the 'wp_dp_enquiry_agent_contact_form_submit_callback' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username.
- Source
- security@wordfence.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@wordfence.com
- CWE-288
- Hype score
- Not currently trending
Grok 3 from xAI shines at crafting CVE Python exploits! It just wrote a PoC for CVE-2025-0316—auth bypass in WP DirectoryBox Manager 2.5. It’s fast, precise, and pulls vuln intel from the web seamlessly. It did that faster the I can write "import requests" in a python script!…
@MarcoFigueroa
18 Feb 2025
1683 Impressions
7 Retweets
26 Likes
8 Bookmarks
4 Replies
6 Quotes
🚨 CVE-2025-0316 ⚠️🔴 CRITICAL (9.8) 🏢 Chimpstudio - WP Directorybox Manager 🏗️ * 🔗 https://t.co/y12mMib5h2 🔗 https://t.co/NwRhO2iZRh #CyberCron #VulnAlert https://t.co/7C3oMiIve5
@cybercronai
9 Feb 2025
44 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0316 02/08/2025 10:15:28 PM BaseSeverity: CRITICAL The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due t... https://t.co/TvPhJxgT5G
@CVETracker
9 Feb 2025
34 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Vulnerabilities report for February 9th, 2025. 🗓️ A total of 6 new vulnerabilities were published today with one CVSS CRITICAL (9.8) vulnerability, CVE-2025-0316. This vulnerability is in WP Directorybox Manager plugin for WordPress. One HIGH (7.5) vulnerability, CVE-2024-13440
@gothburz
9 Feb 2025
150 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The severity is increased for this new vulnerability affecting Chimpstudio WP Directorybox Manager Plugin (CVE-2025-0316) https://t.co/iXudD8ttWB
@vuldb
9 Feb 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0316 Authentication Bypass Vulnerability in WordPress Directorybox Manager Plugin 2.5 https://t.co/ZuE7yRFfdO
@VulmonFeeds
8 Feb 2025
76 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0316 The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.5. This is due to incorrect authentication i… https://t.co/nXtM0KRt46
@CVEnew
8 Feb 2025
814 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-0316: CRITICAL] WordPress plugin WP Directorybox Manager is at risk due to authentication bypass flaw in versions up to 2.5. Attackers could log in as any user, including admins, by exploiting this vulne...#cybersecurity,#vulnerability https://t.co/fjYIQF6vrl https://t.
@CveFindCom
8 Feb 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes