cleantalk
Vulnerabilities and Security Researches

Ivory Search – WordPress Search Plugin, 8eb624d0-4d43-4c25-86b7-41ff5d595bb8

CVE, Research URL

8eb624d0-4d43-4c25-86b7-41ff5d595bb8

Home page URL

Security reports for Ivory Search – WordPress Search Plugin

Application

Ivory Search – WordPress Search Plugin

Published on
-
Research Description
Ivory Search &#8211; WordPress Search Plugin [add-search-to-menu] < 4.8 Ivory Search &lt; 4.8 - Contributor+ Stored Cross-Site Scripting The plugin dos not escape the id argument of its shortcode, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks
Affected versions
max 4.8.
Status
vulnerable
Previous vulnerability researches
Ivory Search &#8211; WordPress Search Plugin (7794b721-bbd5-43f6-b3af-b86426b359a2) , Jun 16, 2026
Ivory Search &#8211; WordPress Search Plugin (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Ivory Search &#8211; WordPress Search Plugin (CVE-2026-1053) , Apr 15, 2026
Ivory Search &#8211; WordPress Search Plugin (1b1fe9af-6b09-4239-a0f1-7e503aacecbd) , Jun 16, 2026
Ivory Search &#8211; WordPress Search Plugin (b7a0fdeff3f6df9cde42915b897ded89fa214937) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026