Ivory Search
Vinod Dalvi
Developer
5.5.14
Latest version
100,000
Installations
No date
Last updated
Vulnerability history
0 present
14 patched
6 Mitigation rules
- Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_gcse' and 'nothing_found_text' Parameters vulnerability<= 5.5.1328/01/2026
- Broken Access Control vulnerability<= 5.5.1228/09/2025
- Admin+ Stored XSS vulnerability< 5.5.1017/06/2025
- Information Exposure via AJAX Search Form vulnerability<= 5.5.605/09/2024
- Missing Authorization to Authenticated (Subscriber+) Index Creation vulnerability<= 5.5.515/04/2024
- Reflected Cross Site Scripting (XSS) vulnerability< 5.5.218/07/2023
- Reflected Cross-Site Scripting (XSS) vulnerability<= 5.4.604/07/2022
- Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability< 5.4.428/02/2022
- Sensitive Information Disclosure vulnerability< 5.4.428/02/2022
- Multiple Stored Cross-Site Scripting (XSS) vulnerability<= 5.410/01/2022
- Authenticated Persistent Cross-Site Scripting (XSS) vulnerability<= 4.702/11/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.6.601/10/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.630/03/2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.5.1001/02/2021