CVE-2018-25434 | eliekhoury WP AutoSuggest 0.24 GET Request autosuggest.php wpas_keys sql injection (Exploit 45977 / EDB-45977)

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability categorized as critical has been discovered in eliekhoury WP AutoSuggest 0.24. This affects an unknown function of the file autosuggest.php of the component GET Request Handler. Such manipulation of the argument wpas_keys leads to sql injection.

This vulnerability is referenced as CVE-2018-25434. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2018-25434 | eliekhoury WP AutoSuggest 0.24 GET Request autosuggest.php wpas_keys sql injection (Exploit 45977 / EDB-45977)

Post correlati

CVE-2024-43152 | iberezansky 3D FlipBook Plugin up to 1.15.6 on WordPress cross site scripting

CVE-2024-26933 | Linux Kernel up to 6.1.83/6.6.23/6.7.11/6.8.2/6.9-rc1 USB port.c device_del deadlock

CVE-2024-12518 | Teplitsa shMapper Plugin up to 1.4.18 on WordPress cross site scripting

CVE-2024-7190 | itsourcecode Society Management System 1.0 /admin/get_price.php expenses_id sql injection