Does Cleanup – Directory Listing & Classifieds WordPress Plugin have any unpatched vulnerabilities?

No. All known vulnerabilities in Cleanup – Directory Listing & Classifieds WordPress Plugin have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Cleanup – Directory Listing & Classifieds WordPress Plugin compatible with WordPress 6.7.5?

According to WordPress.org data, Cleanup – Directory Listing & Classifieds WordPress Plugin 1.0.6 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Is Cleanup – Directory Listing & Classifieds WordPress Plugin compatible with PHP 5.2.4+?

Cleanup – Directory Listing & Classifieds WordPress Plugin requires PHP 5.2.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Cleanup – Directory Listing & Classifieds WordPress Plugin Security & Risk Analysis

wordpress.org/plugins/cleanup-light

Manage directory listings from both the front-end and the WordPress admin panel. Fully responsive design with an intuitive AJAX-powered interface.

0 active installs v1.0.6 PHP 5.2.4+ WP 4.9+ Updated Dec 21, 2024

business-directoryclassified-adsclassifiedsdirectory-pluginlisting

A · Safe

CVEs total1

Unpatched0

Last CVENov 27, 2024

Plugin page Download

Safety Verdict

Is Cleanup – Directory Listing & Classifieds WordPress Plugin Safe to Use in 2026?

Generally Safe

Score 91/100

Cleanup – Directory Listing & Classifieds WordPress Plugin has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 27, 2024Updated 1yr ago

Risk Assessment

The plugin "cleanup-light" v1.0.6 exhibits a mixed security posture. While it demonstrates strong adherence to secure coding practices such as 100% prepared SQL statements and a high percentage of properly escaped output, significant concerns arise from its attack surface. The presence of 16 AJAX handlers without authentication checks represents a substantial entry point for potential attackers. Furthermore, the taint analysis reveals two high-severity flows with unsanitized paths, indicating a risk of sensitive data exposure or code execution if these flows are improperly triggered.

The plugin's vulnerability history shows a single medium-severity CVE related to Cross-site Scripting (XSS). Although this vulnerability is currently patched, its existence, especially concerning XSS, aligns with the taint analysis findings of unsanitized paths, suggesting a pattern of input sanitization weaknesses. The large number of entry points, particularly the unprotected AJAX handlers, coupled with the high-severity taint flows, requires careful consideration. Despite the positive aspects of SQL handling and output escaping, the potential for exploitation through the unprotected AJAX handlers and the identified taint flows warrants attention.

Key Concerns

Unprotected AJAX handlers present
High severity taint flow identified
Unsanitized paths in taint flows
Past medium XSS vulnerability history

Vulnerabilities

Cleanup – Directory Listing & Classifieds WordPress Plugin Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-24563medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cleanup – Directory Listing & Classifieds WordPress Plugin <= 1.0.4 - Reflected Cross-Site Scripting

Nov 27, 2024 Patched in 1.0.5 (86d)

Code Analysis

Analyzed Mar 17, 2026

Cleanup – Directory Listing & Classifieds WordPress Plugin Code Analysis

Dangerous Functions

Raw SQL Queries

76 prepared

Unescaped Output

180

1841 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTablesTinyMCETCPDF

SQL Query Safety

100% prepared76 total queries

Output Escaping

91% escaped2021 total outputs

Data Flows

4 unsanitized

Data Flow Analysis

14 flows4 with unsanitized paths

<paypal-submit> (admin\pages\payment-inc\paypal-submit.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

16 unprotected

Cleanup – Directory Listing & Classifieds WordPress Plugin Attack Surface

Entry Points92

Unprotected16

AJAX Handlers 73

authwp_ajax_cleanup_update_page_settingadmin\admin.php:15

authwp_ajax_cleanup_update_email_settingadmin\admin.php:16

authwp_ajax_cleanup_update_mailchamp_settingadmin\admin.php:17

authwp_ajax_cleanup_add_home_pageadmin\admin.php:18

authwp_ajax_cleanup_update_account_settingadmin\admin.php:21

authwp_ajax_cleanup_update_protected_settingadmin\admin.php:22

authwp_ajax_cleanup_import_dataadmin\admin.php:23

authwp_ajax_cleanup_update_user_settingsadmin\admin.php:24

authwp_ajax_cleanup_update_profile_fieldsadmin\admin.php:25

authwp_ajax_cleanup_update_dir_fieldsadmin\admin.php:26

authwp_ajax_cleanup_update_profile_signup_fieldsadmin\admin.php:27

authwp_ajax_cleanup_update_dir_settingadmin\admin.php:28

authwp_ajax_cleanup_update_search_fieldsadmin\admin.php:29

authwp_ajax_cleanup_update_archive_fieldsadmin\admin.php:30

authwp_ajax_cleanup_update_single_fieldsadmin\admin.php:31

authwp_ajax_cleanup_create_search_shortcodeadmin\admin.php:32

authwp_ajax_cleanup_search_shortcodes_saved_deleteadmin\admin.php:33

authwp_ajax_cleanup_update_map_settingsadmin\admin.php:34

authwp_ajax_cleanup_update_color_settingsadmin\admin.php:35

authwp_ajax_cleanup_update_myaccount_menuadmin\admin.php:36

authwp_ajax_cleanup_check_couponcleanup-light.php:76

noprivwp_ajax_cleanup_check_couponcleanup-light.php:77

authwp_ajax_cleanup_check_package_amountcleanup-light.php:78

noprivwp_ajax_cleanup_check_package_amountcleanup-light.php:79

authwp_ajax_cleanup_update_profile_piccleanup-light.php:80

authwp_ajax_cleanup_update_profile_settingcleanup-light.php:81

authwp_ajax_cleanup_update_wp_postcleanup-light.php:82

authwp_ajax_cleanup_save_wp_postcleanup-light.php:83

authwp_ajax_cleanup_update_setting_passwordcleanup-light.php:84

authwp_ajax_cleanup_check_logincleanup-light.php:85

noprivwp_ajax_cleanup_check_logincleanup-light.php:86

authwp_ajax_cleanup_forget_passwordcleanup-light.php:87

noprivwp_ajax_cleanup_forget_passwordcleanup-light.php:88

authwp_ajax_cleanup_save_favoritecleanup-light.php:89

authwp_ajax_cleanup_save_un_favoritecleanup-light.php:90

authwp_ajax_cleanup_save_notificationcleanup-light.php:91

authwp_ajax_cleanup_delete_favoritecleanup-light.php:92

authwp_ajax_cleanup_profile_bookmarkcleanup-light.php:93

authwp_ajax_cleanup_profile_bookmark_deletecleanup-light.php:94

authwp_ajax_cleanup_author_bookmarkcleanup-light.php:95

authwp_ajax_cleanup_author_bookmark_deletecleanup-light.php:96

authwp_ajax_cleanup_message_deletecleanup-light.php:97

authwp_ajax_cleanup_booking_deletecleanup-light.php:98

authwp_ajax_cleanup_message_sendcleanup-light.php:99

noprivwp_ajax_cleanup_message_sendcleanup-light.php:100

authwp_ajax_cleanup_booking_message_sendcleanup-light.php:101

noprivwp_ajax_cleanup_booking_message_sendcleanup-light.php:102

authwp_ajax_cleanup_chatgpt_upload_imagecleanup-light.php:103

authwp_ajax_cleanup_claim_sendcleanup-light.php:104

noprivwp_ajax_cleanup_claim_sendcleanup-light.php:105

authwp_ajax_cleanup_cron_listingcleanup-light.php:106

noprivwp_ajax_cleanup_cron_listingcleanup-light.php:107

authwp_ajax_cleanup_author_email_popupcleanup-light.php:108

noprivwp_ajax_cleanup_author_email_popupcleanup-light.php:109

authwp_ajax_cleanup_finalerp_csv_product_uploadcleanup-light.php:110

authwp_ajax_cleanup_save_csv_file_to_databasecleanup-light.php:111

authwp_ajax_cleanup_eppro_get_import_statuscleanup-light.php:112

authwp_ajax_cleanup_contact_popupcleanup-light.php:113

authwp_ajax_cleanup_listing_contact_popupcleanup-light.php:114

noprivwp_ajax_cleanup_listing_contact_popupcleanup-light.php:115

authwp_ajax_cleanup_listing_claim_popupcleanup-light.php:116

noprivwp_ajax_cleanup_listing_claim_popupcleanup-light.php:117

authwp_ajax_cleanup_listing_booking_popupcleanup-light.php:118

noprivwp_ajax_cleanup_listing_booking_popupcleanup-light.php:119

authwp_ajax_cleanup_chatgtp_settings_popupcleanup-light.php:120

noprivwp_ajax_cleanup_chatgtp_settings_popupcleanup-light.php:121

authwp_ajax_cleanup_load_categories_fields2073_wpadmincleanup-light.php:122

noprivwp_ajax_cleanup_load_categories_fields_wpadmincleanup-light.php:123

authwp_ajax_cleanup_save_post_without_usercleanup-light.php:124

noprivwp_ajax_cleanup_save_post_without_usercleanup-light.php:125

authwp_ajax_cleanup_save_user_reviewcleanup-light.php:126

authwp_ajax_cleanup_chatgpt_post_creatorcleanup-light.php:129

noprivwp_ajax_cleanup_chatgpt_post_creatorcleanup-light.php:130

Shortcodes 19

[cleanup_price_table] cleanup-light.php:133

[cleanup_form_wizard] cleanup-light.php:134

[cleanup_profile_template] cleanup-light.php:135

[cleanup_login] cleanup-light.php:137

[cleanup_categories] cleanup-light.php:139

[cleanup_featured] cleanup-light.php:140

[cleanup_map] cleanup-light.php:141

[cleanup_archive_grid_no_map] cleanup-light.php:142

[cleanup_archive_grid] cleanup-light.php:143

[cleanup_archive_grid_top_map] cleanup-light.php:144

[cleanup_search] cleanup-light.php:145

[cleanup_search_popup] cleanup-light.php:146

[cleanup_listing_filter] cleanup-light.php:147

[cleanup_categories_carousel] cleanup-light.php:148

[cleanup_tags_carousel] cleanup-light.php:149

[cleanup_locations_carousel] cleanup-light.php:150

[cleanup_locations] cleanup-light.php:151

[cleanup_reminder_email_cron] cleanup-light.php:152

[cleanup_add_listing] cleanup-light.php:153

WordPress Hooks 36

actionadmin_menuadmin\admin.php:12

actionadmin_print_scriptsadmin\admin.php:13

actionadmin_print_stylesadmin\admin.php:14

actionadmin_initadmin\admin.php:37

actioninitadmin\admin.php:38

actionmanage_cleanup_message_posts_custom_columnadmin\pages\manage-cpt-columns.php:8

filtermanage_edit-cleanup_message_columnsadmin\pages\manage-cpt-columns.php:9

actionadmin_enqueue_scriptsadmin\pages\metaboxes\category-meta.php:138

actionadmin_enqueue_scriptsadmin\pages\metaboxes\location-meta.php:82

actionenqueue_block_editor_assetsadmin\pages\tinymce_shortcode_button.php:12

filterblock_categories_alladmin\pages\tinymce_shortcode_button.php:29

actionwidgets_initcleanup-light.php:68

actioninitcleanup-light.php:72

actionadd_meta_boxescleanup-light.php:127

actionsave_postcleanup-light.php:128

actionpre_get_postscleanup-light.php:131

filtertemplate_includecleanup-light.php:155

actioninitcleanup-light.php:158

actioninitcleanup-light.php:159

actioninitcleanup-light.php:160

actioninitcleanup-light.php:161

actioninitcleanup-light.php:162

actioninitcleanup-light.php:163

actioninitcleanup-light.php:164

actioninitcleanup-light.php:165

actionwp_loadedcleanup-light.php:166

actioninitcleanup-light.php:167

actionwp_enqueue_scriptscleanup-light.php:169

filterviews_edit-postcleanup-light.php:1704

filterviews_uploadcleanup-light.php:1705

actionadmin_noticescleanup-light.php:2033

filterposts_fieldscleanup-light.php:2979

filterposts_joincleanup-light.php:2980

filterposts_wherecleanup-light.php:2981

filterposts_groupbycleanup-light.php:2982

filterposts_orderbycleanup-light.php:2983

Maintenance & Trust

Cleanup – Directory Listing & Classifieds WordPress Plugin Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 21, 2024

PHP min version5.2.4

Downloads2K

Community Trust

Rating100/100

Number of ratings2

Active installs0

Alternatives

Cleanup – Directory Listing & Classifieds WordPress Plugin Alternatives

Directorist: AI-Powered Business Directory, Listings & Classified Ads

directorist

Build any type of directory website such as a business directory, job directory, classifieds directory, and more with this WordPress directory plugin.

20K 2 unpatched

Classified Listing – AI-Powered Classified ads & Business Directory Plugin

classified-listing

A Classified ads and Business Directory plugin for WordPress, to create classified listing, real estate directory, local business directory, and more.

10K 15 CVEs

GeoDirectory – WP Business Directory Plugin and Classified Listings Directory

geodirectory

A superb WordPress Business Directory plugin to create a local business directory, classified ads directory, or job listings board.

10K 16 CVEs

HivePress – Business Directory & Classified Ads Plugin

hivepress

100

A simple yet powerful plugin to create a business directory, job board, real estate, classified ads, or basically any type of directory website.

10K No CVEs

AWP Classifieds

another-wordpress-classifieds-plugin

Create a classified listings directory, from auto listings to yard sales with AWP Classifieds plugin.

3K 10 CVEs

Developer Profile

Cleanup – Directory Listing & Classifieds WordPress Plugin Developer Profile

themeglow

3 plugins · 150 total installs

trust score

Avg Security Score

74/100

Avg Patch Time

31 days

View full developer profile

Detection Fingerprints

How We Detect Cleanup – Directory Listing & Classifieds WordPress Plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cleanup-light/cleanup-light-style.css/wp-content/plugins/cleanup-light/css/style.css/wp-content/plugins/cleanup-light/css/responsive.css/wp-content/plugins/cleanup-light/css/bootstrap.css/wp-content/plugins/cleanup-light/js/script.js

Script Paths

/wp-content/plugins/cleanup-light/js/script.js

Version Parameters

cleanup-light/cleanup-light-style.css?ver=cleanup-light/css/style.css?ver=cleanup-light/css/responsive.css?ver=cleanup-light/css/bootstrap.css?ver=cleanup-light/js/script.js?ver=

HTML / DOM Fingerprints

CSS Classes

cleanup_price_tablecleanup_form_wizardcleanup_profile_templatecleanup_logincleanup_categories

Data Attributes

data-popupid

JS Globals

cleanup_light_params

REST Endpoints

/wp-json/cleanup-light/v1/settings/wp-json/cleanup-light/v1/update-settings

Shortcode Output

[cleanup_price_table][cleanup_form_wizard][cleanup_profile_template][cleanup_login]

FAQ