3 matches found
WordPress Better Find and Replace plugin <= 1.7.7 - Authenticated (Subscriber+) Limited Code Injection vulnerability
Authenticated Subscriber+ Limited Code Injection vulnerability discovered by ISMAILSHADOW in WordPress Plugin Better Find and Replace versions = 1.7.7...
CVE-2025-9334
creationtimestamp| type| source ---|---|--- 2025-11-08 07:32:05+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m5437qdrzw24 2025-11-08 08:55:48+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m547u6ves7j2 2025-11-08 09:07:18+00:00| seen|...
CVE-2025-9334
The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Limited Code Injection in all versions up to, and including, 1.7.7. This is due to insufficient input validation and restriction on the 'rtafarajax' function. This makes it possible for authenticated...