CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2026/01/09 9:55 a.m.•3 views

CVE-2020-12104

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation...

8.8CVSS8.1AI score0.00779EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:26 a.m.•6 views

CVE-2022-47447

Cross-Site Request Forgery CSRF vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin = 3.3.8 versions...

8.8CVSS7.1AI score0.00135EPSS

Exploits1References1

Packet Storm News•added 2025/05/01 12:0 a.m.•10 views

WordPress WP-Advanced-Search 3.3.9.3 Shell Upload

WordPress WP-Advanced-Search plugin versions 3.3.9.3 and below suffer from a remote shell upload vulnerability...

6.6CVSS7.4AI score0.00723EPSS

Exploits1

Vulnrichment•added 2025/04/02 9:21 a.m.•4 views

CVE-2025-3099 Advanced Search by My Solr Server <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to upda...

6.1CVSS6.7AI score0.00413EPSS

Exploits0References5

CNNVD•added 2025/03/25 12:0 a.m.•1 views

WordPress plugin WP-Advanced-Search 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

3.5CVSS6AI score0.00069EPSS

Exploits1References3

Patchstack•added 2024/04/15 1:14 p.m.•2 views

WordPress Advance Search plugin <= 1.1.6 - Shortcode Deletion via CSRF vulnerability

Shortcode Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Advanced Search versions = 1.1.6...

8.7CVSS8.6AI score0.00279EPSS

Exploits2References1Affected Software1

OSV•added 2024/04/15 5:15 a.m.•0 views

CVE-2024-2739

The Advanced Search WordPress plugin through 1.1.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.7CVSS5.8AI score

Exploits0References1

CVE•added 2023/05/24 4:10 p.m.•54 views

CVE-2022-47447

CVE-2022-47447 concerns the WordPress WP-Advanced-Search plugin. A CSRF vulnerability affects versions ≤ 3.3.8, with a fix released in 3.3.9. Patchstack lists unauthenticated access, indicating potential CSRF abuse to trigger unintended actions in a user’s account. Remediation: upgrade to 3.3.9 o...

8.8CVSS6.5AI score0.00135EPSS

Exploits1References1Affected Software1

Prion•added 2020/05/05 3:15 p.m.•10 views

Sql injection

6.5CVSS9AI score0.00779EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2020/05/05 12:0 a.m.•4 views

PT-2020-13036 · WordPress · Wp-Advanced-Search

Name of the Vulnerable Software and Affected Versions: wp-advanced-search plugin version 3.3.6 Description: The Import feature in the wp-advanced-search plugin is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any...

8.8CVSS8.5AI score0.00779EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by