WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. id: CVE-2024-39646 info: name: WordPress Custom 404 Pro = 3.11.1 - Reflected XSS...

Custom 404 Pro < 3.2.8 - Cross-Site Scripting

Custom 404 Pro before 3.2.9 is susceptible to cross-site scripting via the title parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...

CVE-2025-62880

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

CVE-2025-62880

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

CVE-2025-62880

CVE-2025-62880 concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Custom 404 Pro (versions up to and including 3.12.0). The CVE documents indicate the vulnerability affects Custom 404 Pro and can enable unauthorized actions on behalf of authenticated users due to C...

EUVD-2025-204706

Cross-Site Request Forgery CSRF vulnerability in Kunal Nagar Custom 404 Pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through 3.12.0...

CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...

PT-2025-52640

Name of the Vulnerable Software and Affected Versions Custom 404 Pro versions through 3.12.0 Description A Cross-Site Request Forgery issue exists in Kunal Nagar Custom 404 Pro. This allows attackers to perform actions on behalf of authenticated users. The issue affects Custom 404 Pro WordPress...

WordPress plugin Custom 404 Pro 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

WordPress Custom 404 Pro plugin <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter vulnerability

Authenticated Administrator+ SQL Injection via path Parameter vulnerability discovered by jamaal in WordPress Plugin Custom 404 Pro versions = 3.12.0...

CVE-2025-9947

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

EUVD-2025-33841

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2025-9947

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2025-9947

CVE-2025-9947 affects the WordPress plugin Custom 404 Pro . All versions up to 3.12.0 are vulnerable to a time-based SQL Injection via the path parameter due to insufficient escaping and query preparation. An authenticated attacker with Administrator+ privileges can append SQL statements to exist...

CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

PT-2025-41682

Name of the Vulnerable Software and Affected Versions Custom 404 Pro plugin for WordPress versions prior to 3.13.0 Description The Custom 404 Pro plugin for WordPress is susceptible to time-based SQL Injection through the path parameter. This is due to inadequate input sanitization and insufficie...

WordPress plugin Custom 404 Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...

EUVD-2019-5921

Malware in sbrugna...