8 matches found
CVE-2025-14477
The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...
CVE-2024-11277
CVE-2024-11277 (404 Solution, WordPress) : The plugin is affected by a reflected Cross-Site Scripting (XSS) vulnerability via URLs in all versions up to 2.35.19. Exploitation requires a user to click a link, but does not require authentication. Root cause is insufficient input sanitization and ou...
WordPress 404 Solution plugin <= 2.35.19 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Max Boll b0lli in WordPress Plugin 404 Solution versions = 2.35.19...
WordPress 404 Solution Plugin <= 2.35.17 is vulnerable to Sensitive Data Exposure
Software 404 Solution Type Plugin Vulnerable versions = 2.35.17 Fixed in 2.35.18 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-11094 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1a6e5a5e1d1a Credits Max Boll b0lli Required...
WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection
Software 404 Solution Type Plugin Vulnerable versions 2.35.8 Fixed in 2.35.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1068 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a596100a0999 Credits Sumit Patel Required privilege Administrator Publishe...
CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...
CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...
WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure
Software 404 Solution Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-52146 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8e10ffdc1b34 Credits Joshua Ch...