30 matches found
CVE-2022-36282
CVE-2022-36282 affects WordPress: Roman Pronskiy’s Search Exclude plugin, versions 1.2.6 and earlier. It is an authenticated Stored Cross-Site Scripting (XSS) flaw exploitable by users with editor+ privileges, due to insufficient sanitization/escaping of input data. The vulnerability impacts page...
CVE-2022-36282 WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...
PT-2022-23289 · Roman Pronskiy · Search Exclude
Name of the Vulnerable Software and Affected Versions: Roman Pronskiy's Search Exclude plugin versions 1.2.6 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with editor or higher privileges can inject...
WordPress plugin Search Exclude 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Search Exclude plugin versions = 1.2.6. Solution Update the WordPress Search Exclude plugin to the latest available version at least 1.2.7...
WordPress Search Exclude Plugin Access Control Error Vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Search Exclude is a search results exclusion plugin used in it. An access control error vulnerability exists in the WordPress Searc...
CVE-2019-15895
search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes...
CVE-2019-15895
search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes...
CVE-2019-15895
The vulnerability CVE-2019-15895 affects the WordPress Search Exclude plugin prior to version 1.2.4, due to an access control error that allows unauthenticated changes to plugin options. This enables an attacker to perform arbitrary settings changes without authentication, exposing the plugin’s c...
WordPress Search Exclude plugin <= 1.2.2 - Arbitrary Settings Change vulnerability
Arbitrary Settings Change vulnerability found by Jerome Bruandet in WordPress Search Exclude plugin versions = 1.2.2. Solution Update the WordPress Search Exclude plugin to the latest available version at least 1.2.4...