Vulnerabilities (CVE)

Filtered by vendor Wp-media Subscribe
Filtered by product Search \& Replace
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-4145 1 Wp-media 1 Search \& Replace 2024-11-21 N/A 7.2 HIGH
The Search & Replace WordPress plugin before 3.2.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks (such as within a multi-site network).
CVE-2024-38759 1 Wp-media 1 Search \& Replace 2024-11-21 N/A 5.4 MEDIUM
Deserialization of Untrusted Data vulnerability in WP MEDIA SAS Search & Replace search-and-replace.This issue affects Search & Replace: from n/a through 3.2.2.