Filtered by vendor Searchwp
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-40223 | 1 Searchwp | 1 Searchwp | 2024-11-21 | 5.4 Medium |
Nonce token leakage and missing authorization in SearchWP premium plugin <= 4.2.5 on WordPress leading to plugin settings change. | ||||
CVE-2022-2535 | 1 Searchwp | 1 Searchwp Live Ajax Search | 2024-11-21 | 5.3 Medium |
The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a live search are limited to published posts only, allowing unauthenticated users to make a crafted query disclosing private/draft/pending post titles along with their permalink |
Page 1 of 1.