Vulnerabilities > Searchiq > Searchiq > 1.1.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-05 | CVE-2024-13350 | Cross-site Scripting vulnerability in Searchiq The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siq_searchbox' shortcode in all versions up to, and including, 4.7 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-12-31 | CVE-2024-56229 | Cross-Site Request Forgery (CSRF) vulnerability in Searchiq Cross-Site Request Forgery (CSRF) vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.6. | 4.3 |
| 2024-12-04 | CVE-2024-10885 | Cross-site Scripting vulnerability in Searchiq The SearchIQ – The Search Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siq_searchbox' shortcode in all versions up to, and including, 4.6 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-04-10 | CVE-2024-31259 | Unspecified vulnerability in Searchiq Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5. | 7.5 |
| 2022-04-18 | CVE-2022-0780 | Unspecified vulnerability in Searchiq The SearchIQ WordPress plugin before 3.9 contains a flag to disable the verification of CSRF nonces, granting unauthenticated attackers access to the siq_ajax AJAX action and allowing them to perform Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the customCss parameter | 6.1 |