Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:48 a.m.9 views

CVE-2024-6481

The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00294EPSS
Exploits1
Cvelist
Cvelist
added 2024/08/08 6:0 a.m.21 views

CVE-2024-6481 Search Filter Pro < 2.5.18 - Admin+ Stored XSS

The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00294EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/08 6:0 a.m.36 views

CVE-2024-6481 Search Filter Pro < 2.5.18 - Admin+ Stored XSS

The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.4AI score0.00294EPSS
Exploits1References1
Patchstack
Patchstack
added 2024/08/08 12:0 a.m.12 views

WordPress Search Filter Pro Plugin < 2.5.18 is vulnerable to Cross Site Scripting (XSS)

Software Search Filter Pro Type Plugin Vulnerable versions 2.5.18 Fixed in 2.5.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6481 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0f5364627440 Credits Felipe Caon Required...

4.8CVSS5.8AI score0.00294EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder