Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3

Critical0

High0

Medium3

Search Severity Year Type Sort Order

Reset

Showing 1-3 of 3 records

Threat Entry Updated 2025-11-25

CVE-2025-10646 - Search Exclude Plugin

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient capability check on the Base::get_rest_permission() method in all versions up to, and including, 2.5.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to modify plugin settings, such as adding arbitrary posts to the search exclusion list.

PLUGIN Search Exclude

CVE-2025-10646

MEDIUM CVSS 4.3 2025-11-25

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-05-07

CVE-2025-2821 - Search Exclude Plugin

The Search Exclude plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_rest_permission function in all versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers to modify plugin settings, excluding content from search results.

PLUGIN Search Exclude

CVE-2025-2821

MEDIUM CVSS 5.3 2025-05-07

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-36282 - Search Exclude Plugin

Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin

PLUGIN Search Exclude

CVE-2022-36282

MEDIUM CVSS 4.8 2022-08-23

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2025-10646 - Search Exclude Plugin

CVE-2025-2821 - Search Exclude Plugin

CVE-2022-36282 - Search Exclude Plugin

Company Links

Contact Us