CVE-2022-0780

The SearchIQ WordPress plugin before 3.9 contains a flag to disable the verification of CSRF nonces, granting unauthenticated attackers access to the siqajax AJAX action and allowing them to perform Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the customCss paramet...

EUVD-2024-33544

Malicious code in bioql PyPI...

EUVD-2024-53996

Malicious code in bioql PyPI...

WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin SearchIQ versions = 4.7...

CVE-2025-30867 WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...

CVE-2024-13350

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVE-2024-13350

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVE-2024-13350

CVE-2024-13350 affects the WordPress plugin SearchIQ – The Search Solution, specifically the siq_searchbox shortcode. The vulnerability is stored Cross-Site Scripting caused by insufficient input sanitization and output escaping on user-supplied attributes in versions up to and including 4.7. Exp...

CVE-2024-13350 SearchIQ – The Search Solution <= 4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

CVE-2024-13350 SearchIQ – The Search Solution <= 4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

PT-2025-9794 · WordPress · Searchiq

Name of the Vulnerable Software and Affected Versions: The SearchIQ – The Search Solution plugin for WordPress versions up to, and including, 4.7 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the siq searchbox shortcode. This...

CVE-2024-56229 WordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in SearchIQ SearchIQ searchiq.This issue affects SearchIQ: from n/a through = 4.6...

WordPress plugin SearchIQ 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

CVE-2023-47832 WordPress SearchIQ plugin <= 4.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through = 4.4...

WordPress plugin SearchIQ 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2024-10885

CVE-2024-10885 covers a Stored XSS in the WordPress plugin “SearchIQ – The Search Solution” (shortcode siq_searchbox). All versions up to and including 4.6 are affected due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation is limited to authenticated...

CVE-2024-31259 WordPress SearchIQ plugin <= 4.5 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5...

WordPress SearchIQ Plugin <= 4.4 is vulnerable to Broken Access Control

Software SearchIQ Type Plugin Vulnerable versions = 4.4 Fixed in 4.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-47832 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID ebe24eb2b5d2 Credits Mika Required privilege...

WordPress SearchIQ plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress SearchIQ plugin has...

WordPress plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress SearchIQ plugin has...