Security Advisory

CVE-2024-3265

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-25 21:25:07

Last updated 2024-08-01 20:05:08

Assigner WPScan

State PUBLISHED

Description

The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations.

← Browse all CVEs View on cve.org ↗