CVE-2020-36852

The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazalesdsdeleteentriestablerow function. This makes it possible for...

CVE-2020-36852 Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Database Wiping

The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazalesdsdeleteentriestablerow function. This makes it possible for...

CVE-2020-36852

The WordPress plugin Custom Searchable Data Entry System (versions ≤ 1.7.1) is vulnerable to unauthenticated database wiping due to a missing capability check and inadequate validation in ghazale_sds_delete_entries_table_row(). This allows unauthenticated attackers to wipe tables (e.g., wp_users)...

CVE-2020-36852 Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Database Wiping

The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check and lack of sufficient validation on the ghazalesdsdeleteentriestablerow function. This makes it possible for...

PT-2025-40063

Name of the Vulnerable Software and Affected Versions Custom Searchable Data Entry System plugin for WordPress versions up to and including 1.7.1 Description The Custom Searchable Data Entry System plugin for WordPress is susceptible to unauthenticated database wiping. This is due to a missing...

WordPress plugin Custom Searchable Data Entry System 安全漏洞

WordPress Custom Searchable Data Entry System plugin is a plugin for creating a searchable data entry system in your website that allows users to fill in information based on specific criteria and enables data matching queries. The WordPress Custom Searchable Data Entry System plugin suffers from...

CVE-2020-10817

The custom-searchable-data-entry-system aka Custom Searchable Data Entry System plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued...

CVE-2020-10817

The CVE-2020-10817 entry describes a SQL injection vulnerability in the WordPress plugin “custom-searchable-data-entry-system” (aka Custom Searchable Data Entry System) up to version 1.7.1. The root cause is lack of input validation when constructing or handling SQL statements, enabling an attack...

Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Data Modification and Deletion

The estimated 2,000+ sites running the plugin are vulnerable to Unauthenticated Data Modification and Deletion, including the potential to delete the entire contents of any table in a vulnerable site’s database...