WordPress WP-Advanced-Search <= 3.3.9 - SQL Injection

The WordPress WP-Advanced-Search plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...

CVE-2020-12104

The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation...

EUVD-2020-4420

Malware in sbrugna...

EUVD-2025-11333

Malicious code in bioql PyPI...

EUVD-2022-50209

Malicious code in bioql PyPI...

CVE-2022-47447

Cross-Site Request Forgery CSRF vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin = 3.3.8 versions...

CVE-2025-39538

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538 WordPress WP-Advanced-Search plugin <= 3.3.9.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

CVE-2025-39538 WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3...

WordPress plugin WP-Advanced-Search 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

CVE-2024-10554 WP-Advanced-Search < 3.3.9.3 - Admin+ Stored XSS

The WordPress WP-Advanced-Search WordPress plugin before 3.3.9.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

PT-2025-12741 · WordPress · Wp-Advanced-Search

Name of the Vulnerable Software and Affected Versions: WP-Advanced-Search versions prior to 3.3.9.3 Description: The issue concerns the WordPress WP-Advanced-Search plugin, where some settings are not properly sanitized and escaped. This could allow high-privilege users, such as admins, to perfor...

Exploit for SQL Injection in Internet-Formation Wp-Advanced-Search

CVE-2024-9796 WordPress WP-Advanced-Search = 3.3.9 - Unaut...

CVE-2024-9796

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection

The WP-Advanced-Search WordPress plugin before 3.3.9.2 does not sanitize and escape the t parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

WordPress plugin WP-Advanced-Search 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress WP-Advanced-Search Plugin < 3.3.9.2 is vulnerable to SQL Injection

Software WP-Advanced-Search Type Plugin Vulnerable versions 3.3.9.2 Fixed in 3.3.9.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9796 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 872f69a2765a Credits Wojciech Jezowski Required privilege...

CVE-2022-47447

CVE-2022-47447 concerns the WordPress WP-Advanced-Search plugin. A CSRF vulnerability affects versions ≤ 3.3.8, with a fix released in 3.3.9. Patchstack lists unauthenticated access, indicating potential CSRF abuse to trigger unintended actions in a user’s account. Remediation: upgrade to 3.3.9 o...

CVE-2022-47447 WordPress WP-Advanced-Search Plugin <= 3.3.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin = 3.3.8 versions...