Filtered by vendor Searchwp Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-40223 1 Searchwp 1 Searchwp 2024-11-21 5.4 Medium
Nonce token leakage and missing authorization in SearchWP premium plugin <= 4.2.5 on WordPress leading to plugin settings change.
CVE-2022-2535 1 Searchwp 1 Searchwp Live Ajax Search 2024-11-21 5.3 Medium
The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a live search are limited to published posts only, allowing unauthenticated users to make a crafted query disclosing private/draft/pending post titles along with their permalink