Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-03-14

CVE-2025-1528 - Filter Pro Plugin

The Search & Filter Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_meta_values' function in all versions up to, and including, 2.5.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the values of arbitrary post meta.

PLUGIN Filter Pro

CVE-2025-1528

MEDIUM CVSS 4.3 2025-03-14

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-28

CVE-2024-6481 - Filter Pro Plugin

The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

PLUGIN Filter Pro

CVE-2024-6481

MEDIUM CVSS 4.8 2024-08-08

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2025-1528 - Filter Pro Plugin

CVE-2024-6481 - Filter Pro Plugin

Company Links

Contact Us