13 matches found
EUVD-2025-11322
Malicious code in bioql PyPI...
CVE-2025-39530
Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...
CVE-2025-39530
Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...
CVE-2025-39530
CVE-2025-39530 refers to a CSRF-to-Stored-XSS vulnerability in the WordPress plugin “Site Search 360” (WordPress Site Search 360) affecting versions up to 2.1.7. The NVD entry and Red Hat advisory describe cross-site request forgery that enables stored XSS with a CVSS v3.1 base score of 7.1 (HIGH...
CVE-2025-39530 WordPress Site Search 360 plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) to stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 site-search-360 allows Stored XSS.This issue affects Site Search 360: from n/a through = 2.1.8...
CVE-2025-39530 WordPress Site Search 360 plugin <= 2.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in dsky Site Search 360 allows Stored XSS. This issue affects Site Search 360: from n/a through 2.1.7...
WordPress plugin Site Search 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2024-11780
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11780
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11780 Site Search 360 <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-11780
CVE-2024-11780 : Site Search 360 for WordPress is affected by a Stored Cross‑Site Scripting vulnerability in all versions up to 2.1.6 via the ss360-resultblock shortcode, caused by insufficient input sanitization and output escaping. Exploitation requires authentication at contributor level or hi...
CVE-2024-11780 Site Search 360 <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Site Search 360 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ss360-resultblock' shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Site Search 360 plugin <= 2.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Site Search 360 versions = 2.1.6...