cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-4400,https://securityvulnerability.io/vulnerability/CVE-2021-4400,Cross-Site Request Forgery Vulnerability in Better Search Plugin for WordPress,"The Better Search plugin for WordPress is exposed to a Cross-Site Request Forgery (CSRF) vulnerability in versions up to 2.5.2. This flaw arises from a lack of proper nonce validation in the bsearch_process_settings_import() and bsearch_process_settings_export() functions. An attacker can exploit this vulnerability by tricking an authenticated site administrator into clicking a malicious link, potentially allowing unauthorized settings import and export actions via forged requests.",Wordpress,Better Search – Relevant Search Results For WordPress,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,false,false,2023-07-01T05:33:27.028Z,0
CVE-2021-4373,https://securityvulnerability.io/vulnerability/CVE-2021-4373,Cross-Site Request Forgery in Better Search Plugin for WordPress,"The Better Search plugin for WordPress is susceptible to Cross-Site Request Forgery (CSRF), allowing attackers to exploit this flaw in versions up to and including 2.5.2. By tricking a site administrator into clicking a malicious link, an unauthenticated attacker could import arbitrary settings without the administrator's consent, potentially compromising the site. Users are encouraged to update to the latest version to mitigate this risk.",Wordpress,Better Search – Relevant Search Results For WordPress,8.8,HIGH,0.0014900000533089042,false,,false,false,false,,false,false,2023-06-07T01:51:43.709Z,0