CVE-2020-36723 in Directory & Listing Theme
Summary
by MITRE • 06/07/2023
The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the ~/listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email addresses, phone numbers, physical addresses and user post counts.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 04/09/2026
The CVE-2020-36723 vulnerability affects the ListingPro WordPress theme, which is widely used for creating directory and listing websites. This particular flaw exists in versions prior to 2.6.1 and represents a critical sensitive data exposure issue that fundamentally compromises user privacy and system security. The vulnerability stems from improper access controls within the theme's core functionality, specifically in the functions.php file that handles various backend operations. Attackers can exploit this weakness to gain unauthorized access to user data without requiring any authentication credentials, making it particularly dangerous as it affects all users regardless of their access level or privileges.
The technical implementation of this vulnerability occurs through the listingpro-plugin functions.php file where the theme fails to properly validate or restrict access to user-related data endpoints. This weakness allows unauthenticated attackers to craft specific requests that bypass normal authorization mechanisms and retrieve comprehensive user profiles from the WordPress database. The exposed data includes not only basic contact information such as email addresses and phone numbers but also personal identifiers like full names, physical addresses, and even user post counts which can provide additional context for social engineering attacks. From a cybersecurity perspective, this vulnerability aligns with CWE-200 which defines weaknesses related to improper information exposure and represents a clear violation of data protection principles.
The operational impact of this vulnerability extends far beyond simple data leakage, as the exposed user information creates multiple attack vectors for malicious actors. The collection of usernames, email addresses, and phone numbers provides attackers with sufficient information to conduct targeted phishing campaigns, social engineering attacks, or credential stuffing attempts across other platforms where users may have reused passwords. The inclusion of user post counts and physical addresses adds additional layers of personal information that can be used for identity theft or location-based attacks. This vulnerability particularly affects businesses and organizations that rely on WordPress directory themes for their online presence, as it can expose their entire user base to potential compromise and create significant reputational damage.
Security professionals should implement immediate mitigations including updating to version 2.6.1 or later of the ListingPro theme to address this vulnerability. The update process should be conducted with proper testing to ensure no compatibility issues arise with existing website functionality. Additionally, administrators should review their WordPress security configurations and implement additional access controls for sensitive endpoints. From a defensive perspective, this vulnerability demonstrates the importance of proper input validation and access control implementation, aligning with ATT&CK technique T1213 which covers data from information repositories. Organizations should also consider implementing network monitoring and intrusion detection systems to identify potential exploitation attempts and establish incident response procedures for handling sensitive data exposure events. The vulnerability serves as a reminder of the critical need for regular security updates and proper security testing of third-party WordPress themes and plugins.