Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:42 a.m.9 views

CVE-2024-9796

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

9.8CVSS7.6AI score0.02991EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/10/10 7:38 a.m.28 views

CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

0.02991EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/10/10 7:38 a.m.15 views

CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

7.7AI score0.02991EPSS
Exploits4References1
Patchstack
Patchstack
added 2024/10/10 12:0 a.m.25 views

WordPress WP-Advanced-Search Plugin < 3.3.9.2 is vulnerable to SQL Injection

Software WP-Advanced-Search Type Plugin Vulnerable versions 3.3.9.2 Fixed in 3.3.9.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9796 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 872f69a2765a Credits Wojciech Jezowski Required privilege...

9.8CVSS6.9AI score0.02991EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder