71 matches found
CVE-2022-0780
The SearchIQ WordPress plugin before 3.9 contains a flag to disable the verification of CSRF nonces, granting unauthenticated attackers access to the siqajax AJAX action and allowing them to perform Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the customCss paramet...
EUVD-2024-53996
Malicious code in bioql PyPI...
EUVD-2024-33544
Malicious code in bioql PyPI...
EUVD-2024-53027
Malicious code in bioql PyPI...
EUVD-2025-8330
Malicious code in bioql PyPI...
EUVD-2024-29155
Malicious code in bioql PyPI...
EUVD-2023-51927
Malicious code in bioql PyPI...
CVE-2024-56229
Cross-Site Request Forgery CSRF vulnerability in SearchIQ SearchIQ searchiq.This issue affects SearchIQ: from n/a through = 4.6...
CVE-2023-47832
Missing Authorization vulnerability in SearchIQ SearchIQ searchiq allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SearchIQ: from n/a through = 4.4...
CVE-2025-30867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...
CVE-2025-30867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...
CVE-2025-30867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...
CVE-2025-30867
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ allows Stored XSS. This issue affects SearchIQ: from n/a through 4.7...
WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin SearchIQ versions = 4.7...
CVE-2025-30867 WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...
CVE-2025-30867
CVE-2025-30867 is a Stored XSS affecting the SearchIQ WordPress plugin (pre-4.7). The Wordfence database entry lists it as an authenticated vulnerability (Contributor+ required) with patch status Patched, and the CVE appears in the Wordfence vulnerability details, tying the issue to Cross-site Sc...
WordPress plugin SearchIQ 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-13350
The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2024-13350
The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2024-13350
The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siqsearchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...