30 matches found
WordPress Search Exclude plugin <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability
Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Search Exclude versions = 2.4.9...
CVE-2025-10646
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...
WordPress Search Exclude plugin <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API vulnerability
Missing Authorization to Authenticated Contributor+ Search Settings Modification via REST API vulnerability discovered by Lucas Montes Nirox in WordPress Plugin Search Exclude versions = 2.5.7...
CVE-2025-10646
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...
CVE-2025-10646
The CVE-2025-10646 relates to the WordPress Search Exclude plugin. Affected versions up to and including 2.5.7 have an insufficient capability check in the Base::get_rest_permission() method, allowing authenticated attackers with Contributor-level access or higher to modify plugin settings (e.g.,...
CVE-2025-10646 Search Exclude <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...
CVE-2025-10646 Search Exclude <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::getrestpermission method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access an...
WordPress plugin Search Exclude 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2019-6806
Malware in sbrugna...
EUVD-2022-38999
Malicious code in bioql PyPI...
CVE-2019-15895
search-exclude.php in the "Search Exclude" plugin before 1.2.4 for WordPress allows unauthenticated options changes...
CVE-2025-2821
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getrestpermission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding...
CVE-2025-2821 Search Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getrestpermission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding...
CVE-2025-2821 Search Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification
The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the getrestpermission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding...
PT-2025-19897 · WordPress · Search Exclude
Name of the Vulnerable Software and Affected Versions: Search Exclude plugin for WordPress versions up to, and including, 2.4.9 Description: The issue allows unauthorized modification of data due to a missing capability check on the get rest permission function. This makes it possible for...
WordPress plugin Search Exclude 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2022-36282
Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...
CVE-2022-36282
Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...
Cross site scripting
Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...
CVE-2022-36282 WordPress Search Exclude plugin <= 1.2.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in Roman Pronskiy's Search Exclude plugin = 1.2.6 at WordPress...