CVE-2026-27357

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

CVE-2026-27357 WordPress WP Search Analytics plugin < 1.5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Search Analytics: from n/a before 1.5.0...

WordPress Search Exclude plugin <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API vulnerability

Missing Authorization to Authenticated Contributor+ Search Settings Modification via REST API vulnerability discovered by Lucas Montes Nirox in WordPress Plugin Search Exclude versions = 2.5.7...

CVE-2025-49304 WordPress Search with Typesense plugin <= 2.0.10 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeManas Search with Typesense search-with-typesense allows Stored XSS.This issue affects Search with Typesense: from n/a through = 2.0.10...

CVE-2025-49304 WordPress Search with Typesense plugin <= 2.0.10 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeManas Search with Typesense search-with-typesense allows Stored XSS.This issue affects Search with Typesense: from n/a through = 2.0.10...

CVE-2024-43229

Missing Authorization vulnerability in Cornel Raiu WP Search Analytics search-analytics.This issue affects WP Search Analytics: from n/a through = 1.4.9...

CVE-2022-40218

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4...

CVE-2024-11299 Memberpress <= 1.11.37 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-11282

The Passster – Password Protect Pages and Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that...

CVE-2024-11291

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.13.4 via the WordPress core search feature. This makes it possible for unauthenticated...

PT-2024-16886 · WordPress · Paid Membership Subscriptions

Name of the Vulnerable Software and Affected Versions: Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress versions up to, and including, 2.13.4 Description: The vulnerability allows unauthenticated attackers to extract sensitive...

CVE-2024-11088

The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

WordPress Search order by product SKU for WooCommerce Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS)

Software Search order by product SKU for WooCommerce Type Plugin Vulnerable versions = 0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51693 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 613fdf38f761 Credits thiennv...

WordPress Search Filter Pro Plugin < 2.5.18 is vulnerable to Cross Site Scripting (XSS)

Software Search Filter Pro Type Plugin Vulnerable versions 2.5.18 Fixed in 2.5.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6481 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0f5364627440 Credits Felipe Caon Required...

CVE-2022-40218

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4...

CVE-2022-40218

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4...

CVE-2022-40218 WordPress TH Advance Product Search plugin <= 1.1.4 - Unauthenticated Plugin Settings Change vulnerability

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4...

WordPress Search Keyword Redirect Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Search Keyword Redirect Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32080 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9a5522e4a000 Credits Sharanabasappa Required privilege...

CVE-2022-38057

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.2.1...

CVE-2022-38057

Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.2.1...