VYPR

Advanced Search

by WordPress

CVEs (2)

  • CVE-2024-2739HigApr 15, 2024
    risk 0.57cvss 8.7epss 0.00

    The Advanced Search WordPress plugin through 1.1.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

  • CVE-2024-3265MedApr 25, 2024
    risk 0.31cvss 4.7epss 0.00

    The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations.