vulnrichment / WPScan / VULNRICHMENT:CVE-2024-3265
History: Apr 25, 2024 - 9:25 p.m.

CVE-2024-3265 WP Advanced Search <= 1.1.6 - Admin+ SQL Injection

2024-04-25 21:25:07
WPScan
github.com
wordpress
advanced search
sql injection
administrator
multisite configuration

AI Score: 7.8

Confidence: Low

SSVC

Exploitation: poc

Automatable: no

Technical Impact: partial

The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configuration.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:mndpsingh287:advanced_search:*:*:*:*:*:*:*:*"
    ],
    "vendor": "mndpsingh287",
    "product": "advanced_search",
    "versions": [
      {
        "status": "affected",
        "version": "*"
      }
    ],
    "defaultStatus": "unknown"
  }
]
