Lucene search
+L

4 matches found

nvd
nvd
added 2023/04/24 7:15 p.m.27 views

CVE-2023-1435

The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.00458EPSS
Exploits2References1
cvelist
cvelist
added 2023/04/24 6:30 p.m.30 views

CVE-2023-1435 Ajax Search Lite Pro < 4.26.2 - Multiple Reflected Cross-Site Scripting

The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.2AI score0.00458EPSS
Exploits2References1
cve
cve
added 2023/04/24 6:30 p.m.70 views

CVE-2023-1435

CVE-2023-1435 affects Ajax Search Pro for WordPress prior to v4.26.2. The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitization/escaping of input parameters before echoing them back in pages, enabling an attacker to target high-privilege users (e.g., admins). Publi...

6.1CVSS6.1AI score0.00458EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2023/04/05 12:0 a.m.14 views

WordPress Ajax Search Pro Plugin < 4.26.2 is vulnerable to Cross Site Scripting (XSS)

Software Ajax Search Pro Type Plugin Vulnerable versions 4.26.2 Fixed in 4.26.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1435 Patch priority High CVSS severity High 6.1 Developer Claim ownership PSID 019181a32a8a Credits Erwan LR Required...

6.1CVSS5.6AI score0.00458EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder