7 matches found
CVE-2023-1420
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1420
creationtimestamp| type| source ---|---|--- 2023-04-24 22:19:29+00:00| seen| https://t.me/cibsecurity/62740...
CVE-2023-1420
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1420 Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site Scripting
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
CVE-2023-1420
CVE-2023-1420 affects WordPress Ajax Search Lite (<= 4.11.0) and Ajax Search Pro (
CVE-2023-1420 Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site Scripting
The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such...
WordPress Ajax Search Lite Plugin <= 4.11 is vulnerable to Cross Site Scripting (XSS)
Software Ajax Search Lite Type Plugin Vulnerable versions = 4.11 Fixed in 4.11.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1420 Patch priority Medium CVSS severity Medium 4.3 Developer WPdreams PSID 3abcb0638a8c Credits Erwan LR Required...