Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Mamunur Rashid | Classified Listing | unaffected |
|
No data.
No data.
No data.
Project Subscriptions
No data.
No advisories yet.
Solution
Update the WordPress Classified Listing Plugin to the latest available version (at least 5.3.9).
Workaround
No workaround given by the vendor.
Mon, 15 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions. | |
| Title | WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-15T20:18:40.535Z
Reserved: 2026-04-29T09:04:43.154Z
Link: CVE-2026-42658
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2026-06-15T21:16:55.457
Modified: 2026-06-15T21:24:32.790
Link: CVE-2026-42658
Redhat
No data.
OpenCVE Enrichment
No data.