Lucene search
Wp-Advanced-Search Security Vulnerabilities
cve
The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation.
8.8CVSS
9AI Score
0.001EPSS
2020-05-05 03:15 PM
66
cve
Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions.
8.8CVSS
8.8AI Score
0.001EPSS
2023-05-24 05:15 PM
30