← Back

Malware Scanner

malware_scanner

Vendor: Miniorange • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-25902
1Miniorange
1Malware Scanner
Apr 28, 2026
Feb 28, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2.
CVE-2022-1995
1Miniorange
1Malware Scanner
Nov 21, 2024
Jun 27, 2022
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scrip...Show more
The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)Show less