WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection

The WordPress WP-Advanced-Search plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...

CVE-2020-12104

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation...

EUVD-2020-4420

Malware in sbrugna...

EUVD-2025-2983

Malicious code in bioql PyPI...

EUVD-2025-11333

Malicious code in bioql PyPI...

EUVD-2022-50209

Malicious code in bioql PyPI...

CVE-2025-57945

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Stored XSS.This issue affects WP Advanced PDF: from n/a through = 1.1.7...

CVE-2025-57945

CVE-2025-57945 is an Stored XSS vulnerability in WP Advanced PDF affecting WP Advanced PDF versions from n/a up to and including 1.1.7. The CVE is documented with a CVSS v3.1 base score of 5.9 (Medium) and an attack vector over the network, with user interaction required. The connected Wordfence ...

CVE-2022-47447

Cross-Site Request Forgery CSRF vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin = 3.3.8 versions...

CVE-2025-39538

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538 WordPress WP-Advanced-Search plugin <= 3.3.9.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538 WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3...

WordPress plugin WP-Advanced-Search 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2024-10554 WP-Advanced-Search < 3.3.9.3 - Admin+ Stored XSS

The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

PT-2025-12741 · WordPress · Wp-Advanced-Search

Name of the Vulnerable Software and Affected Versions: WP-Advanced-Search versions prior to 3.3.9.3 Description: The issue concerns the WordPress WP-Advanced-Search plugin, where some settings are not properly sanitized and escaped. This could allow high-privilege users, such as admins, to perfor...

CVE-2025-22772

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stephanemartinw Mapbox for WP Advanced mapbox-for-wp-advanced allows Reflected XSS.This issue affects Mapbox for WP Advanced: from n/a through = 1.0.0...

CVE-2025-22772

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stephanemartinw Mapbox for WP Advanced mapbox-for-wp-advanced allows Reflected XSS.This issue affects Mapbox for WP Advanced: from n/a through = 1.0.0...

CVE-2025-22772 WordPress Mapbox for WP Advanced Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stephanemartinw Mapbox for WP Advanced mapbox-for-wp-advanced allows Reflected XSS.This issue affects Mapbox for WP Advanced: from n/a through = 1.0.0...

CVE-2025-22772

CVE-2025-22772 denotes a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin/package Mapbox for WP Advanced (notFound feature). The root cause, per the description, is the Improp er Neutralization of Input During Web Page Generation . It affects the component that handles N...