Yellowyard ≫ Yellow Yard Searchbar

2 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

5.4

CVE-2023-1110

Exploit

EPSS 0.09%
Published 16.08.2023 12:15:12
Last modified 21.11.2024 07:38:28

The Yellow Yard Searchbar WordPress plugin before 2.8.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and abov...

6.1

CVE-2022-2094

Exploit

EPSS 0.1%
Published 08.02.2023 10:15:09
Last modified 25.03.2025 14:15:16

The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting