Advance Search
Approved changes feed: RSS · Atom
cpe:2.3:a:advance_search_project:advance_search:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Advance Search Project (79e08d77-93de-58d4-97b6-6b9bf15d7c7f) |
|---|---|
| Product | Advance Search (b143aaf6-d8c6-555d-a3ae-0f53475c4ae8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-3265 |
vulnerable | 2026-06-08 06:41:52.800230 |
WP Advanced Search <= 1.1.6 - Admin+ SQL Injection
The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations.
Published: 2024-04-25T21:25:07.990Z
Updated: 2024-08-01T20:05:08.327Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38348 |
vulnerable | 2026-06-08 05:32:55.941289 |
Advance Search <= 1.1.2 Reflected Cross-Site Scripting
MEDIUM (6.1)
The Advance Search WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the wpas_id parameter found in the ~/inc/admin/views/html-advance-search-admin-options.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.1.2.
Published: 2021-09-10T13:32:38.774Z
Updated: 2025-05-02T19:53:39.565Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.