Lucene search
+L

80 matches found

OSV
OSV
added 2024/02/05 10:16 p.m.7 views

CVE-2024-0668

The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'processbulkaction' function. This makes it possible for authenticated attacker, with administrator access and above, ...

7.2CVSS6AI score0.01139EPSS
Exploits0References4
Prion
Prion
added 2024/02/05 10:16 p.m.23 views

Deserialization of untrusted data

The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'processbulkaction' function. This makes it possible for authenticated attacker, with administrator access and above, ...

5.8CVSS7.3AI score0.01139EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/02/05 9:22 p.m.32 views

CVE-2024-0668 Advanced Database Cleaner <= 3.1.3 - Authenticated(Administrator+) PHP Object Injection via process_bulk_action

The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'processbulkaction' function. This makes it possible for authenticated attacker, with administrator access and above, ...

6.6CVSS7.3AI score0.01139EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/05 12:0 a.m.9 views

PT-2024-15733 · WordPress · Advanced Database Cleaner

Name of the Vulnerable Software and Affected Versions: Advanced Database Cleaner plugin for WordPress versions up to, and including, 3.1.3 Description: The issue allows an authenticated attacker with administrator access and above to inject a PHP Object via deserialization of untrusted input in t...

7.2CVSS7.9AI score0.01139EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/02/05 12:0 a.m.9 views

WordPress plugin Advanced Database Cleaner security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

7.2CVSS7.1AI score0.01139EPSS
Exploits0References5
NVD
NVD
added 2023/12/19 9:15 p.m.36 views

CVE-2023-49764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2...

7.6CVSS0.0074EPSS
Exploits0References1
OSV
OSV
added 2023/12/19 9:15 p.m.5 views

CVE-2023-49764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2...

7.2CVSS7.3AI score0.0074EPSS
Exploits0References1
Prion
Prion
added 2023/12/19 9:15 p.m.22 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2...

5.8CVSS7.9AI score0.0074EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/19 8:31 p.m.58 views

CVE-2023-49764

CVE-2023-49764 affects the WordPress plugin Advanced Database Cleaner (

7.6CVSS7.8AI score0.0074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/19 8:31 p.m.36 views

CVE-2023-49764 WordPress Advanced Database Cleaner Plugin <= 3.1.2 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2...

7.6CVSS8.1AI score0.0074EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.5 views

WordPress plugin Advanced Database Cleaner SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

7.6CVSS8AI score0.0074EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.11 views

PT-2023-31334 · Unknown · Advanced Database Cleaner

Name of the Vulnerable Software and Affected Versions: Advanced Database Cleaner versions through 3.1.2 Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. This allows for potential exploitation by...

7.6CVSS7.6AI score0.0074EPSS
Exploits0References5
Patchstack
Patchstack
added 2023/12/04 12:0 a.m.20 views

WordPress Advanced Database Cleaner Plugin <= 3.1.2 is vulnerable to SQL Injection

Software Advanced Database Cleaner Type Plugin Vulnerable versions = 3.1.2 Fixed in 3.1.3 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-49764 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 18ca57291df6 Credits Mika Required privilege Administrator...

7.6CVSS6.8AI score0.0074EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2023/06/14 12:0 a.m.11 views

WordPress Advanced Database Cleaner Plugin < 3.1.2 CSRF Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sigmaplugin:advanceddatabasecleaner"; ifdescription...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/06/14 12:0 a.m.11 views

WordPress Advanced Database Cleaner Plugin < 3.0.2 SQLi Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sigmaplugin:advanceddatabasecleaner"; ifdescription...

7.2CVSS7AI score0.01205EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/06/14 12:0 a.m.23 views

WordPress Advanced Database Cleaner Plugin < 3.0.4 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sigmaplugin:advanceddatabasecleaner"; ifdescription...

6.1CVSS6.4AI score0.008EPSS
Exploits2References1
NVD
NVD
added 2023/05/23 3:15 p.m.22 views

CVE-2022-46813

Cross-Site Request Forgery CSRF vulnerability in Younes JFR. Advanced Database Cleaner plugin = 3.1.1 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2023/05/23 3:15 p.m.5 views

CVE-2022-46813

Cross-Site Request Forgery CSRF vulnerability in Younes JFR. Advanced Database Cleaner plugin = 3.1.1 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2023/05/23 3:15 p.m.14 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Younes JFR. Advanced Database Cleaner plugin = 3.1.1 versions...

6.8CVSS8.7AI score0.00256EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/23 2:49 p.m.46 views

CVE-2022-46813

CVE-2022-46813 affects the WordPress plugin Advanced Database Cleaner (versions

8.8CVSS6.5AI score0.00256EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder