EPSS
Percentile
45.1%
The plugin does not properly sanitize and escape input in admin settings, leading to a Stored Cross-Site Scripting vulnerability in affected pages for multi-site installations and instances where unfiltered_html is disabled.
www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/ajax-search-for-woocommerce/fibosearch-ajax-search-for-woocommerce-1230-authenticated-admin-stored-cross-site-scripting