VYPR

WP AutoSuggest

by WordPress

CVEs (1)

  • CVE-2018-25434HigJun 1, 2026
    risk 0.53cvss 8.2epss 0.00

    WP AutoSuggest 0.24 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpas_keys parameter. Attackers can send GET requests to autosuggest.php with crafted wpas_keys values to…