Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-08-29

CVE-2025-53243 - Team Directory Plugin

Deserialization of Untrusted Data vulnerability in emarket-design Employee Directory – Staff Listing & Team Directory Plugin for WordPress allows Object Injection. This issue affects Employee Directory – Staff Listing & Team Directory Plugin for WordPress: from n/a through 4.5.3.

PLUGIN Team Directory

CVE-2025-53243

HIGH CVSS 8.1 2025-08-28

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-06-04

CVE-2025-5531 - Team Directory Plugin

The Employee Directory – Staff Listing & Team Directory Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'emd_mb_meta' shortcode in all versions up to, and including, 4.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

PLUGIN Team Directory

CVE-2025-5531

MEDIUM CVSS 6.4 2025-06-04

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2025-53243 - Team Directory Plugin

CVE-2025-5531 - Team Directory Plugin

Company Links

Contact Us