89 matches found
WordPress Ivory Search – WordPress Search Plugin plugin <= 5.5.8 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Ivory Search versions = 5.5.8...
CVE-2026-1053
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1053
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2026-4888
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1053
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1053 Ivory Search <= 5.5.13 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1053 Ivory Search <= 5.5.13 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1053
CVE-2026-1053: Ivory Search – WordPress Search Plugin (WordPress) is vulnerable to stored XSS up to version 5.5.13 due to insufficient input sanitization and output escaping. Exploitation requires authenticated attacker with administrator-level privileges (or higher). Impact is injection of arbit...
WordPress Ivory Search plugin <= 5.5.13 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via 'menugcse' and 'nothingfoundtext' Parameters vulnerability discovered by JongHwan Shin zzzsleep in WordPress Plugin Ivory Search versions = 5.5.13...
PT-2026-5081
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.13 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Ivory Search has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2025-63069
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
CVE-2025-63069
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
EUVD-2025-201960
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
CVE-2025-63069 WordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
CVE-2025-63069
Summary of CVE-2025-63069 : A missing authorization vulnerability in the WordPress plugin Ivory Search (add-search-to-menu) enables broken access control on Ivory Search versions up to and including 5.5.12. The public CVE set documents this as a WordPress plugin issue with a CVSS v3.1 base score ...
CVE-2025-63069 WordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
WordPress plugin Ivory Search 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-50069
Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-search-to-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ivory Search: from n/a through = 5.5.12...
EUVD-2021-23445
Malware in sbrugna...