14 matches found
CVE-2025-14477
The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...
CVE-2019-12570
A SQL injection vulnerability in the Xpert Solution "Server Status by Hostname/IP" plugin 4.6 for WordPress allows an authenticated user to execute arbitrary SQL commands via GET parameters...
CVE-2024-11277
CVE-2024-11277 (404 Solution, WordPress) : The plugin is affected by a reflected Cross-Site Scripting (XSS) vulnerability via URLs in all versions up to 2.35.19. Exploitation requires a user to click a link, but does not require authentication. Root cause is insufficient input sanitization and ou...
WordPress 404 Solution plugin <= 2.35.19 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Max Boll b0lli in WordPress Plugin 404 Solution versions = 2.35.19...
WordPress 404 Solution Plugin <= 2.35.17 is vulnerable to Sensitive Data Exposure
Software 404 Solution Type Plugin Vulnerable versions = 2.35.17 Fixed in 2.35.18 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-11094 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1a6e5a5e1d1a Credits Max Boll b0lli Required...
WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection
Software 404 Solution Type Plugin Vulnerable versions 2.35.8 Fixed in 2.35.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1068 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a596100a0999 Credits Sumit Patel Required privilege Administrator Publishe...
CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...
CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...
WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure
Software 404 Solution Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-52146 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8e10ffdc1b34 Credits Joshua Ch...
PT-2023-30372 · WordPress · I Thirteen Web Solution Post Sliders & Post Grids
Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution Post Sliders & Post Grids plugin versions = 1.0.20 Description: The issue is related to an Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with administrative access can...
CVE-2023-30477
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...
CVE-2023-30477
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...
CVE-2023-30477
CVE-2023-30477 describes a stored XSS in the WordPress plugin AFFILIATE Solution
WordPress Easy Contact Form Solution Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Easy Contact Form Solution plugin is one of the contact form creation plugin . A cross-site scripting vulnerability...