SearchWP - CVE CyberSecurity Database News

Nov 8, 2022 CSRF WordPress SearchWP, LLC SearchWP

CVE-2022-40223 - Nonce Token Leakage and Missing Authorization in SearchWP Premium Plugin <= 4.2.5 on WordPress Leading to Plugin Settings Change

The popular SearchWP premium plugin for WordPress, used by thousands of websites for advanced search functionality, has been found vulnerable to a security flaw, identified