Ngg Smart Image Search@* Security Vulnerabilities and Issues — Ngg Smart Image Search@* CVE List

Lucene search

Wpo-hrNgg Smart Image Search*

3 matches found

CVE•added 2025/02/12 5:15 a.m.•42 views

CVE-2024-13658

The NGG Smart Image Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'hr_SIS_nextgen_searchbox' shortcode in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

6.4CVSS5.7AI score0.00031EPSS

CVE•added 2025/05/07 3:16 p.m.•35 views

CVE-2025-47503

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpo-HR NGG Smart Image Search allows Stored XSS. This issue affects NGG Smart Image Search: from n/a through 3.3.3.

6.5CVSS6.4AI score0.00045EPSS

CVE•added 2025/07/04 12:15 p.m.•12 views

CVE-2025-52832

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpo-HR NGG Smart Image Search allows SQL Injection. This issue affects NGG Smart Image Search: from n/a through 3.4.1.

9.3CVSS7.7AI score0.00039EPSS