Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mamunur Rashid Classified Listing allows Path Traversal.
This issue affects Classified Listing: from n/a through 5.3.8.
AnalysisAI
Path traversal in the Classified Listing WordPress plugin (versions through 5.3.8) enables authenticated low-privileged users to download arbitrary files from the server filesystem. The vulnerability, reported by Patchstack as an arbitrary file download flaw, exposes full confidentiality impact (C:H) with no integrity or availability consequence, meaning attackers can exfiltrate sensitive server files - including wp-config.php, credentials, or private data - but cannot modify or destroy them. No active exploitation is confirmed and no public exploit code has been identified at time of analysis.
Technical ContextAI
The affected component is the Classified Listing plugin for WordPress, authored by Mamunur Rashid, identified via CPE cpe:2.3:a:mamunur_rashid:classified_listing:*:*:*:*:*:*:*:* covering all versions through 5.3.8. CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) indicates the plugin fails to sanitize user-supplied path input before using it to construct a file access operation - a classic directory traversal pattern. In WordPress plugin context, this typically manifests in a file download or export endpoint where a filename or path parameter is not validated against a permitted base directory, allowing sequences such as '../../../' to escape the intended directory scope. The CVSS vector AV:N/AC:L/PR:L/UI:N confirms the flaw is reachable over the network with low complexity and requires only a low-privilege authenticated session.
RemediationAI
The primary remediation is to update the Classified Listing plugin to a version beyond 5.3.8; however, an exact patched release version is not confirmed in the available data - consult the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/classified-listing/vulnerability/wordpress-classified-listing-plugin-5-3-8-arbitrary-file-download-vulnerability) and the WordPress plugin repository for the latest release. As a compensating control pending an update, administrators should restrict plugin access by limiting user registration or removing low-privilege roles that can invoke the vulnerable file download functionality. Additionally, a web application firewall rule blocking path traversal patterns (e.g., '../' sequences) in query parameters targeting the plugin's endpoints can reduce exploitability, though this may affect legitimate functionality. Monitoring access logs for traversal sequences in file-related plugin requests is advisable for detection.
More in Classified Listing
View allThe Classified Listing Pro WordPress plugin before 2.0.20 does not escape a generated URL before outputting it back in a
The Classima WordPress theme before 2.1.11 and some of its required plugins (Classified Listing before 2.2.14, Classifie
The Classified Listing - Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Cross-Site Req
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme Classified Listing plugin <= 2.4.5 versions. Rated high s
Cross-site scripting in the Classified Listing WordPress plugin (by RadiusTheme) versions 5.4.2 and earlier lets a remot
Unauthenticated reflected/stored Cross-Site Scripting in the Classified Listing WordPress plugin versions 5.3.8 and earl
The Classified Listing - Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized a
Broken access control in the Classified Listing WordPress plugin (versions <= 5.4.2) allows subscriber-level authenticat
Broken Access Control in the Classified Listing WordPress plugin (versions ≤ 5.3.8) allows unauthenticated remote attack
Broken access control in the Classified Listing WordPress plugin (versions ≤ 5.3.9) allows subscriber-level authenticate
The Classified Listing - Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Sensitive Info
The Classified Listing - Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized l
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-33683
GHSA-8pf8-7vpw-x352