Advanced Database Cleaner Security Vulnerabilities and Issues — Advanced Database Cleaner CVE List

Lucene search

SigmapluginAdvanced Database Cleaner

6 matches found

CVE•added 2022/02/21 11:15 a.m.•90 views

CVE-2021-24921

The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues

6.1CVSS6AI score0.00199EPSS

CVE•added 2022/07/17 11:15 a.m.•53 views

CVE-2022-2173

The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting

6.1CVSS6.1AI score0.00275EPSS

CVE•added 2024/02/05 10:16 p.m.•37 views

CVE-2024-0668

The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. This makes it possible for authenticated attacker, with administrator access and above, ...

7.2CVSS7.6AI score0.00751EPSS

CVE•added 2023/12/19 9:15 p.m.•34 views

CVE-2023-49764

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2.

7.6CVSS7.6AI score0.00139EPSS

CVE•added 2021/03/18 3:15 p.m.•33 views

CVE-2021-24141

Unvaludated input in the Advanced Database Cleaner plugin, versions before 3.0.2, lead to SQL injection allowing high privilege users (admin+) to perform SQL attacks.

7.2CVSS7.2AI score0.00534EPSS

CVE•added 2023/05/23 3:15 p.m.•32 views

CVE-2022-46813

Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner plugin

8.8CVSS6.5AI score0.0006EPSS