Malware Scanner Security Vulnerabilities and Issues — Malware Scanner CVE List

Lucene search

MiniorangeMalware Scanner

4 matches found

CVE•added 2024/02/28 1:15 p.m.•103 views

CVE-2024-25902

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2.

7.6CVSS8AI score0.0041EPSS

CVE•added 2024/03/13 4:15 p.m.•55 views

CVE-2024-2172

The Malware Scanner plugin and the Web Application Firewall plugin for WordPress (both by MiniOrange) are vulnerable to privilege escalation due to a missing capability check on the mo_wpns_init() function in all versions up to, and including, 4.7.2 (for Malware Scanner) and 2.1.1 (for Web Applicat...

9.8CVSS9.6AI score0.00774EPSS

CVE•added 2022/06/27 9:15 a.m.•54 views

CVE-2022-1995

The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup...

4.8CVSS4.9AI score0.00301EPSS

CVE•added 2024/06/04 1:15 p.m.•36 views

CVE-2023-52176

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1.

5.3CVSS5.3AI score0.00104EPSS