cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwp-bing-search wp-bing-search

Direction: ascending
Jun 07, 2024

Bing Custom Search for WordPress # 06a0cd31d1621e1db33272c025b254ef27a31a7e

CVE, Research URL

06a0cd31d1621e1db33272c025b254ef27a31a7e

Home page URL

Security reports for Bing Custom Search for WordPress

Application

Bing Custom Search for WordPress

Date
Feb 28, 2022
Research Description
Bing Custom Search for WordPress [wp-bing-search] < 2.4 WordPress Bing Custom Search for WordPress plugin < 2.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Bing Custom Search for WordPress plugin (versions < 2.4).
Affected versions
max 2.4.
Status
vulnerable
Jun 13, 2026

Bing Custom Search for WordPress # CVE-2023-33999

CVE, Research URL

CVE-2023-33999

Home page URL

Security reports for Bing Custom Search for WordPress

Application

Bing Custom Search for WordPress

Date
Jun 11, 2026
Research Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2.
Affected versions
max 2.6.3.
Status
vulnerable
Jun 16, 2026

Bing Custom Search for WordPress # 2ae6fb0ae541a17fa4d9c412a5bb890e13535909

CVE, Research URL

2ae6fb0ae541a17fa4d9c412a5bb890e13535909

Home page URL

Security reports for Bing Custom Search for WordPress

Application

Bing Custom Search for WordPress

Date
Feb 28, 2022
Research Description
Bing Custom Search for WordPress [wp-bing-search] < 2.4 WordPress Bing Custom Search for WordPress plugin < 2.4 - Sensitive Information Disclosure vulnerability Sensitive Information Disclosure vulnerability discovered in WordPress Bing Custom Search for WordPress plugin (versions < 2.4).
Affected versions
max 2.4.
Status
vulnerable

Bing Custom Search for WordPress # b7d9c54a-9a9a-48ad-bb78-e30340963236

CVE, Research URL

b7d9c54a-9a9a-48ad-bb78-e30340963236

Home page URL

Security reports for Bing Custom Search for WordPress

Application

Bing Custom Search for WordPress

Date
-
Research Description
Bing Custom Search for WordPress [wp-bing-search] < 2.4 Unauthorised AJAX Calls via Freemius The plugins and themes use an insecure version of the Freemius Framework, which is lacking CSRF and/or authorisation in some of its AJAX actions. As a result, any authenticated users, such as subscriber could access the debug logs. Unauthenticated attackers could also make a logged in admin toggle the debug mode via a CSRF attack.
Affected versions
max 2.4.
Status
vulnerable