cleantalk
Vulnerabilities and Security Researches

Ivory Search – WordPress Search Plugin, b7a0fdeff3f6df9cde42915b897ded89fa214937

CVE, Research URL

b7a0fdeff3f6df9cde42915b897ded89fa214937

Home page URL

Security reports for Ivory Search – WordPress Search Plugin

Application

Ivory Search – WordPress Search Plugin

Published on
Jul 04, 2022
Research Description
Ivory Search &#8211; WordPress Search Plugin [add-search-to-menu] < 5.4.7 Ivory Search <= 5.4.6 - Reflected Cross-Site Scripting The Ivory Search plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 5.4.7.
Status
vulnerable
Previous vulnerability researches
Vuukle Comments, Reactions, Share Bar, Revenue (CVE-2021-4427) , Jun 07, 2024
Vuukle Comments, Reactions, Share Bar, Revenue (b77bc82519876c41f8d608a40b61521384622036) , Jun 07, 2024
Vuukle Comments, Reactions, Share Bar, Revenue (CVE-2021-4342) , Jun 07, 2024
Vuukle Comments, Reactions, Share Bar, Revenue (e03420c55099714ac90da016761d318e5e1cb6db) , Jun 16, 2026
Vuukle Comments, Reactions, Share Bar, Revenue (20851a18-8309-4405-b85c-acaa047effa7) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026