Lucene search
K
KunalnagarCustom 404 Pro

9 matches found

CVE
CVE
added 2019/08/30 4:12 p.m.338 views

CVE-2019-15838

The CVE-2019-15838 entry concerns the WordPress plugin custom-404-pro prior to version 3.2.8, where reflected XSS affects user input, per multiple sources (NVD, Red Hat, CNVD/PRION references). Remediation shown in related documents is to update to version 3.2.8 or later. The vulnerability is spe...

6.1CVSS6.2AI score0.0095EPSS
CVE
CVE
added 2023/05/30 7:49 a.m.81 views

CVE-2023-2023

The CVE-2023-2023 entry concerns the Custom 404 Pro WordPress plugin (versions before 3.7.3). The underlying issue is insufficient escaping of URLs output in attributes, causing reflected XSS via parameters (e.g., search). The Nuclei template and Patchstack data confirm this class of vulnerabilit...

6.1CVSS6.3AI score0.0171EPSS
CVE
CVE
added 2019/08/15 3:43 p.m.72 views

CVE-2019-14789

The CVE-2019-14789 entry concerns the Custom 404 Pro WordPress plugin prior to 3.2.8, with a cross-site scripting vulnerability reported via the wp-admin/admin.php?page=c4p-main parameter. Nuclei templates describe an XSS via the title parameter in Custom 404 Pro

6.1CVSS5.9AI score0.01869EPSS
Web
CVE
CVE
added 2024/02/01 10:11 a.m.62 views

CVE-2023-51540

CVE-2023-51540 is a stored Cross-Site Scripting vulnerability in WordPress plugin Custom 404 Pro (

7.1CVSS7.1AI score0.00354EPSS
CVE
CVE
added 2024/08/01 10:11 p.m.54 views

CVE-2024-39646

CVE-2024-39646 affects WordPress plugin Custom 404 Pro (versions

7.1CVSS5.9AI score0.00624EPSS
CVE
CVE
added 2023/01/18 2:18 p.m.42 views

CVE-2023-0385

The CVE-2023-0385 entry concerns the WordPress Custom 404 Pro plugin, vulnerable through CSRF due to missing/incorrect nonce validation in the custom_404_pro_admin_init function. Affected software: Custom 404 Pro plugin for WordPress, versions up to and including 3.7.1. Impact: unauthenticated at...

4.3CVSS4.3AI score0.00319EPSS
CVE
CVE
added 2023/06/27 1:17 p.m.41 views

CVE-2023-2032

CVE-2023-2032 affects the Custom 404 Pro WordPress plugin (pre-3.8.1). Root cause: improper sanitization of database inputs leading to multiple SQL Injection vulnerabilities. Impact: high (CVE base score 9.8). Remediation: upgrade to version 3.8.1 or later; patches/projects indicate the issue is ...

9.8CVSS10AI score0.00934EPSS
CVE
CVE
added 2023/08/30 10:50 a.m.41 views

CVE-2023-32740

CVE-2023-32740 is an unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability in WordPress plugin Custom 404 Pro, affected

6.1CVSS5.7AI score0.00337EPSS
CVE
CVE
added 2023/04/12 2:41 p.m.38 views

CVE-2022-47605

CVE-2022-47605 concerns the WordPress plugin Custom 404 Pro by Kunal Nagar. A SQL Injection vulnerability affects versions

7.2CVSS7.6AI score0.00668EPSS