Sigmaplugin
sigmaplugin
7 CVEs • 2 products
Products (2)
Click to collapseToggle
Products (2)
Click to collapse
CVEs (7)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 Feb 5, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 The Advanced Database Cleaner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.3 via deserialization of untrusted input in the 'process_bulk_action' function. This make...Show more |
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 Dec 19, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2. |
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 May 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner plugin <= 3.1.1 versions. |
1Sigmaplugin 1Advanced Wordpress Reset Jun 17, 2026 Aug 1, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting |
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 Jul 17, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting |
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 Feb 21, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Advanced Database Cleaner WordPress plugin before 3.0.4 does not sanitise and escape $_GET keys and values before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues |
1Sigmaplugin 1Advanced Database Cleaner Jun 17, 2026 Mar 18, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Unvaludated input in the Advanced Database Cleaner plugin, versions before 3.0.2, lead to SQL injection allowing high privilege users (admin+) to perform SQL attacks. |