Headline
CVE-2021-36880: WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability - Patchstack
Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.