2 matches found
CVE-2025-1505
The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-1505
CVE-2025-1505 is a confirmed vulnerability affecting the WordPress plugin Advanced AJAX Product Filters . It enables a Reflected Cross-Site Scripting (XSS) via the nonce parameter in all versions up to and including 1.6.8.1, due to insufficient input sanitization and output escaping. The vulnerab...