CVE-2025-14477

The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...

EUVD-2023-56819

Malicious code in bioql PyPI...

EUVD-2023-55581

Malicious code in bioql PyPI...

CVE-2024-1068

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

CVE-2023-52146

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

CVE-2023-50848

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

CVE-2024-11277

The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...

CVE-2024-11277 404 Solution <= 2.35.19 - Reflected Cross-Site Scripting

The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...

CVE-2024-11277

CVE-2024-11277 (404 Solution, WordPress) : The plugin is affected by a reflected Cross-Site Scripting (XSS) vulnerability via URLs in all versions up to 2.35.19. Exploitation requires a user to click a link, but does not require authentication. Root cause is insufficient input sanitization and ou...

CVE-2024-11277 404 Solution <= 2.35.19 - Reflected Cross-Site Scripting

The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages th...

WordPress plugin 404 Solution 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress 404 Solution plugin <= 2.35.19 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Max Boll b0lli in WordPress Plugin 404 Solution versions = 2.35.19...

404 Solution < 2.35.20 - Reflected Cross-Site Scripting

Description The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

WordPress 404 Solution Plugin <= 2.35.19 is vulnerable to Cross Site Scripting (XSS)

Software 404 Solution Type Plugin Vulnerable versions = 2.35.19 Fixed in 2.35.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11277 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6a1ea4fa1e3d Credits Max Boll b0lli...

404 Solution < 2.35.18 - Missing Authentication to Sensitive Information Exposure

Description The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract sensitive data such as redirects including GET parameters which m...

WordPress plugin 404 Solution 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-16755 · WordPress · 404 Solution

Name of the Vulnerable Software and Affected Versions: The 404 Solution plugin for WordPress versions up to, and including, 2.35.17 Description: The issue allows unauthenticated attackers to extract sensitive data, such as redirects including GET parameters, via the export feature. This could...

WordPress 404 Solution plugin <= 2.35.17 - Missing Authentication to Sensitive Information Exposure vulnerability

Missing Authentication to Sensitive Information Exposure vulnerability discovered by Max Boll b0lli in WordPress Plugin 404 Solution versions = 2.35.17...

WordPress 404 Solution Plugin <= 2.35.17 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.35.17 Fixed in 2.35.18 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-11094 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1a6e5a5e1d1a Credits Max Boll b0lli Required...

WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection

Software 404 Solution Type Plugin Vulnerable versions 2.35.8 Fixed in 2.35.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1068 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a596100a0999 Credits Sumit Patel Required privilege Administrator Publishe...