
14 matches found

Patchstack
added 2024/09/25 12:0 a.m. | 10 views

WordPress SmartSearch WP Plugin < 2.4.6 is vulnerable to Sensitive Data Exposure

Software SmartSearch WP Type Plugin Vulnerable versions 2.4.6 Fixed in 2.4.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6845 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID e581162ffbea Credits Kieran Burge Required...

5.3 CVSS | 6.5 AI score | 0.21596 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Patchstack
added 2024/08/20 6:42 a.m. | 1 views

WordPress SmartSearch WP plugin <= 2.4.4 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Karolis Narvilas in WordPress Plugin SmartSearch WP versions = 2.4.4...

9.8 CVSS | 7 AI score | 0.02149 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/08/20 6:0 a.m. | 16 views

CVE-2024-6847 SmartSearch WP <= 2.4.4 - Unauthenticated SQLi

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot...

7.9 AI score | 0.02149 EPSS
Exploits: 1 | References: 1

Cvelist
added 2024/08/20 6:0 a.m. | 16 views

CVE-2024-6847 SmartSearch WP <= 2.4.4 - Unauthenticated SQLi

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot...

0.02149 EPSS
Exploits: 1 | References: 1

Patchstack
added 2024/08/20 12:0 a.m. | 7 views

WordPress SmartSearch WP Plugin <= 2.4.4 is vulnerable to SQL Injection

Software SmartSearch WP Type Plugin Vulnerable versions = 2.4.4 Fixed in 2.4.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6847 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 2bfe1eee61ea Credits Karolis Narvilas Required privilege Unauthenticat...

9.8 CVSS | 6.8 AI score | 0.02149 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Patchstack
added 2024/08/19 7:39 a.m. | 1 views

WordPress SmartSearch WP plugin <= 2.4.4 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Karolis Narvilas in WordPress Plugin SmartSearch WP versions = 2.4.4...

6.1 CVSS | 6.1 AI score | 0.01801 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2024/08/19 6:0 a.m. | 11 views

CVE-2024-6843 SmartSearch WP <= 2.4.4 - Unauthenticated Stored XSS

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins...

0.01801 EPSS
Exploits: 1 | References: 1

Vulnrichment
added 2024/08/19 6:0 a.m. | 11 views

CVE-2024-6843 SmartSearch WP <= 2.4.4 - Unauthenticated Stored XSS

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins...

6.2 AI score | 0.01801 EPSS
Exploits: 1 | References: 1

Patchstack
added 2024/08/19 12:0 a.m. | 10 views

WordPress SmartSearch WP Plugin <= 2.4.4 is vulnerable to Cross Site Scripting (XSS)

Software SmartSearch WP Type Plugin Vulnerable versions = 2.4.4 Fixed in 2.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6843 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 29f289a57217 Credits Karolis Narvilas...

6.1 CVSS | 5.7 AI score | 0.01801 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

CNNVD
added 2024/08/19 12:0 a.m. | 0 views

WordPress plugin SmartSearch WP security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

6.1 CVSS | 6 AI score | 0.01801 EPSS
Exploits: 1 | References: 2

Prion
added 2017/01/04 2:59 a.m. | 12 views

SQL injection

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...

7.5 CVSS | 9 AI score | 0.00548 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2017/01/04 2:0 a.m. | 17 views

CVE-2016-10114

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch...

9.9 AI score | 0.00548 EPSS
Exploits: 0 | References: 4

Openbugbounty
added 2016/12/19 11:41 a.m. | 12 views

thesmartsearch.net XSS vulnerability

Vulnerable URL: http://www.thesmartsearch.net/search?p="=Wanted4Bug=8458cce1-2f27-472f-82cc-c8dfdca18d77

Details:

Description| Value
---|---
Patched:| Yes, at 28.07.2017
Latest check for patch:| 28.07.2017 13:20 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank|...

6.3 AI score
Exploits: 0

Openbugbounty
added 2016/01/31 8:21 p.m. | 8 views

eider.co.kr XSS vulnerability

Vulnerable URL: http://www.eider.co.kr/smartSearch.do

Details:

Description| Value
---|---
Patched:| Yes, at 26.07.2017
Latest check for patch:| 26.07.2017 16:17 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 388953
Google Pagerank| 3
VIP website status:| No

Che...

6.3 AI score
Exploits: 0