CVE-2024-11277
- EPSS 0.61%
- Published 20.11.2024 07:15:09
- Last modified 26.11.2024 20:59:50
The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attack...
CVE-2024-1068
- EPSS 0.41%
- Published 11.03.2024 18:15:17
- Last modified 01.05.2025 00:04:20
The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins.
CVE-2023-52146
- EPSS 0.15%
- Published 05.01.2024 11:15:10
- Last modified 21.11.2024 08:39:16
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0.
CVE-2023-50848
- EPSS 0.14%
- Published 28.12.2023 12:15:42
- Last modified 21.11.2024 08:37:24
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0.