VYPR

Searchiq

by WordPress

CVEs (4)

  • CVE-2024-31259HigApr 10, 2024
    risk 0.49cvss 7.5epss 0.01

    Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5.

  • CVE-2024-13350MedMar 5, 2025
    risk 0.35cvss 6.4epss 0.00

    The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siq_searchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes.…

  • CVE-2024-10885Dec 4, 2024
    risk 0.00cvss epss 0.00

    The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siq_searchbox' shortcode in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping on user supplied attributes.…

  • CVE-2022-0780Apr 18, 2022
    risk 0.00cvss epss 0.01

    The SearchIQ WordPress plugin before 3.9 contains a flag to disable the verification of CSRF nonces, granting unauthenticated attackers access to the siq_ajax AJAX action and allowing them to perform Cross-Site Scripting attacks due to the lack of sanitisation and escaping in…