High 8.1 Unfixed
2025-08-28≤ 4.5.5
WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability
Employee Directory – Staff & Team Directory
Minimum safe version
4.5.2
Update to 4.5.2 or later to address 2 fixable vulnerabilities
Latest available4.5.5 ✓⚠ 1 vulnerability has no fix
Medium 6.4
2025-08-05< 4.5.2
Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter
Medium 6.4
2025-06-04< 4.5.1
WordPress Employee Directory – Staff Listing & Team Directory Plugin for WordPress Plugin <= 4.5.0 is vulnerable to Cross Site Scripting (XSS)