WordPress Ajax WooSearch plugin <= 1.0.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Ajax WooSearch versions = 1.0.0...

CVE-2025-9697

The Ajax WooSearch WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

PT-2025-40323

Name of the Vulnerable Software and Affected Versions Ajax WooSearch WordPress plugin versions through 1.0.0 Description The Ajax WooSearch WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action. This allows for SQL injection by...

WordPress plugin Ajax WooSearch 安全漏洞

WordPress Ajax WooSearch plugin is a plugin for enhancing the search functionality of your website, mainly used to improve the user experience, supporting real-time search and indexing of multiple content types. WordPress Ajax WooSearch plugin suffers from an SQL injection vulnerability that stem...