Lucene search
K

30 matches found

CVE
CVE
added 2022/08/23 3:46 p.m.66 views

CVE-2022-36282

CVE-2022-36282 affects WordPress: Roman Pronskiy’s Search Exclude plugin, versions 1.2.6 and earlier. It is an authenticated Stored Cross-Site Scripting (XSS) flaw exploitable by users with editor+ privileges, due to insufficient sanitization/escaping of input data. The vulnerability impacts page...

5.4CVSS5AI score0.0042EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/23 3:46 p.m.10 views

CVE-2022-36282 WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...

4.8CVSS4.9AI score0.0042EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/23 12:0 a.m.5 views

PT-2022-23289 · Roman Pronskiy · Search Exclude

Name of the Vulnerable Software and Affected Versions: Roman Pronskiy's Search Exclude plugin versions 1.2.6 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with editor or higher privileges can inject...

5.4CVSS5.1AI score0.0042EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/08/23 12:0 a.m.3 views

WordPress plugin Search Exclude 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.3AI score0.0042EPSS
Exploits0References4
Patchstack
Patchstack
added 2022/08/22 12:0 a.m.23 views

WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Search Exclude plugin versions = 1.2.6. Solution Update the WordPress Search Exclude plugin to the latest available version at least 1.2.7...

5.4CVSS3AI score0.0042EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2019/09/12 12:0 a.m.1 views

WordPress Search Exclude Plugin Access Control Error Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Search Exclude is a search results exclusion plugin used in it. An access control error vulnerability exists in the WordPress Searc...

7.5CVSS6.6AI score0.01695EPSS
Exploits0References1
OSV
OSV
added 2019/09/09 1:15 p.m.4 views

CVE-2019-15895

search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes...

7.5CVSS7.1AI score0.01695EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/09/09 12:54 p.m.28 views

CVE-2019-15895

search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes...

7.7AI score0.01695EPSS
Exploits0References3
CVE
CVE
added 2019/09/09 12:54 p.m.40 views

CVE-2019-15895

The vulnerability CVE-2019-15895 affects the WordPress Search Exclude plugin prior to version 1.2.4, due to an access control error that allows unauthenticated changes to plugin options. This enables an attacker to perform arbitrary settings changes without authentication, exposing the plugin’s c...

7.5CVSS7.6AI score0.01695EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2019/09/08 12:0 a.m.23 views

WordPress Search Exclude plugin <= 1.2.2 - Arbitrary Settings Change vulnerability

Arbitrary Settings Change vulnerability found by Jerome Bruandet in WordPress Search Exclude plugin versions = 1.2.2. Solution Update the WordPress Search Exclude plugin to the latest available version at least 1.2.4...

7.5CVSS3.1AI score0.01695EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder