CRITICAL
CMSJunkie – WordPress Business Directory Plugins
CVE published 2026-06-15
CVE-2026-39591
A critical vulnerability (CVSS Score: 9.9) was discovered in the WP-BusinessDirectory plugin, version <= 4.0.0. This vulnerability allows subscribers to upload arbitrary files, potentially leading to severe consequences.