cleantalk
Vulnerabilities and Security Researches

Ivory Search – WordPress Search Plugin, 8eb624d0-4d43-4c25-86b7-41ff5d595bb8

CVE, Research URL

8eb624d0-4d43-4c25-86b7-41ff5d595bb8

Home page URL

Security reports for Ivory Search – WordPress Search Plugin

Application

Ivory Search – WordPress Search Plugin

Published on
-
Research Description
Ivory Search &#8211; WordPress Search Plugin [add-search-to-menu] < 4.8 Ivory Search &lt; 4.8 - Contributor+ Stored Cross-Site Scripting The plugin dos not escape the id argument of its shortcode, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks
Affected versions
max 4.8.
Status
vulnerable
Previous vulnerability researches
Easy Code Snippets (9157f1c1aa17fcdb38ad432b11d2de5d2db4ade2) , Jun 16, 2026
Easy Code Snippets (7e57cd4f4859826de00a8e2b09ee24fb7f2d824b) , Jun 16, 2026
Easy Code Snippets (6ff37c2e-e21d-4abc-bafe-8ca6a2c1ed76) , Jun 16, 2026
Easy Code Snippets (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Easy Code Snippets (CVE-2023-33999) , Jun 14, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026