Lucene search
K

14 matches found

NVD
NVD
added 2025/12/13 4:16 p.m.4 views

CVE-2025-14477

The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...

4.9CVSS0.00308EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 a.m.6 views

CVE-2019-12570

A SQL injection vulnerability in the Xpert Solution "Server Status by Hostname/IP" plugin 4.6 for WordPress allows an authenticated user to execute arbitrary SQL commands via GET parameters...

8.8CVSS8.5AI score0.01733EPSS
Exploits2References1
CVE
CVE
added 2024/11/20 6:42 a.m.48 views

CVE-2024-11277

CVE-2024-11277 (404 Solution, WordPress) : The plugin is affected by a reflected Cross-Site Scripting (XSS) vulnerability via URLs in all versions up to 2.35.19. Exploitation requires a user to click a link, but does not require authentication. Root cause is insufficient input sanitization and ou...

6.1CVSS6.4AI score0.00309EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/11/19 8:2 p.m.5 views

WordPress 404 Solution plugin <= 2.35.19 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Max Boll b0lli in WordPress Plugin 404 Solution versions = 2.35.19...

6.1CVSS6.3AI score0.00309EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.8 views

WordPress 404 Solution Plugin <= 2.35.17 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.35.17 Fixed in 2.35.18 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-11094 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1a6e5a5e1d1a Credits Max Boll b0lli Required...

5.3CVSS6.9AI score0.00374EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/03/12 12:0 a.m.12 views

WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection

Software 404 Solution Type Plugin Vulnerable versions 2.35.8 Fixed in 2.35.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1068 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a596100a0999 Credits Sumit Patel Required privilege Administrator Publishe...

7.2CVSS7.2AI score0.00756EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/28 11:38 a.m.16 views

CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

7.6CVSS7.6AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/28 11:38 a.m.25 views

CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

7.6CVSS8.1AI score0.00541EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/12/28 12:0 a.m.19 views

WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-52146 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8e10ffdc1b34 Credits Joshua Ch...

5.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/08 12:0 a.m.5 views

PT-2023-30372 · WordPress · I Thirteen Web Solution Post Sliders & Post Grids

Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution Post Sliders & Post Grids plugin versions = 1.0.20 Description: The issue is related to an Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with administrative access can...

4.8CVSS5.3AI score0.00397EPSS
Exploits0References5
OSV
OSV
added 2023/08/14 2:15 p.m.5 views

CVE-2023-30477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...

4.8CVSS7.3AI score0.00366EPSS
Exploits0References1
NVD
NVD
added 2023/08/14 2:15 p.m.31 views

CVE-2023-30477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...

5.9CVSS5.4AI score0.00366EPSS
Exploits0References1
CVE
CVE
added 2023/08/14 1:57 p.m.49 views

CVE-2023-30477

CVE-2023-30477 describes a stored XSS in the WordPress plugin AFFILIATE Solution

5.9CVSS5AI score0.00366EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/10/17 12:0 a.m.3 views

WordPress Easy Contact Form Solution Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Easy Contact Form Solution plugin is one of the contact form creation plugin . A cross-site scripting vulnerability...

6.1CVSS5.8AI score0.0118EPSS
Exploits1References1
Rows per page
Query Builder