WordPress SearchWP premium plugin <= 4.2.5 - Broken Authentication vulnerability

2022-10-2400:00:00

Dave Jong (Patchstack)

patchstack.com

wordpress searchwp

premium plugin

broken authentication

nonce token leakage

plugin settings

update

EPSS

0.001

Percentile

22.7%

JSON

Broken Authentication vulnerability via Nonce Token Leakage Leading to Plugin Settings Change discovered by Dave Jong (Patchstack) in the WordPress SearchWP premium plugin (versions <= 4.2.5).

Solution

           Update the WordPress SearchWP plugin to the latest available version (at least 4.2.6).

EPSS

0.001

Percentile

22.7%

JSON

Related for PATCHSTACK:6D5A6A4498395D50D1BC3BB1E7FB7BDF