Custom 404 Pro Security Vulnerabilities and Issues — Custom 404 Pro CVE List

Lucene search

KunalnagarCustom 404 Pro

5 matches found

CVE•added 2023/05/30 8:15 a.m.•49 views

CVE-2023-2023

The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.

6.1CVSS6.3AI score0.76554EPSS

CVE•added 2023/01/18 3:15 p.m.•29 views

CVE-2023-0385

The Custom 404 Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.7.1. This is due to missing or incorrect nonce validation on the custom_404_pro_admin_init function. This makes it possible for unauthenticated attackers to delete logs, via forge...

4.3CVSS4.3AI score0.00078EPSS

CVE•added 2023/06/27 2:15 p.m.•24 views

CVE-2023-2032

The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities.

9.8CVSS10AI score0.00196EPSS

CVE•added 2023/08/30 11:15 a.m.•24 views

CVE-2023-32740

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kunal Nagar Custom 404 Pro plugin

6.1CVSS5.7AI score0.0007EPSS

CVE•added 2023/04/12 3:15 p.m.•23 views

CVE-2022-47605

Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin

8.3CVSS7.6AI score0.00164EPSS