Vulnerabilities and security researches forsearch-everything

CVE, Research URL: CVE-2014-2316
Home page URL: Security reports for Search Everything
Application: Search Everything
Date: Mar 09, 2014
Research Description: SQL injection vulnerability in se_search_default in the Search Everything plugin before 7.0.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the s parameter to index.php. NOTE: some of these details are obtained from third party information.
Affected versions: max 7.0.3.
Status: vulnerable

CVE, Research URL: CVE-2016-10917
Home page URL: Security reports for Search Everything
Application: Search Everything
Date: Aug 22, 2019
Research Description: The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316.
Affected versions: max 8.1.6.
Status: vulnerable

CVE, Research URL: CVE-2017-18571
Home page URL: Security reports for Search Everything
Application: Search Everything
Date: Aug 22, 2019
Research Description: The search-everything plugin before 8.1.7 for WordPress has SQL injection related to WordPress 4.7.x, a different vulnerability than CVE-2014-2316.
Affected versions: max 8.1.7.
Status: vulnerable

CVE, Research URL: CVE-2014-3843
Home page URL: Security reports for Search Everything
Application: Search Everything
Date: May 22, 2014
Research Description: Cross-site request forgery (CSRF) vulnerability in the Search Everything plugin before 8.1.1 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Affected versions: max 8.1.1.
Status: vulnerable

Vulnerabilities and security researches forsearch-everything search-everything