Wp-dreams Ajax_search

7 CVEs affecting Wp-dreams Ajax_search. Latest disclosed: 2025-05-15. Critical: 0, High: 1.

Top CVEs affecting Wp-dreams Ajax_search
CVESeverityScorePublishedSummary
CVE-2024-21752High7.12024-02-29Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows Reflected XSS.This issue affects Ajax Search Lite: from n/a through…
CVE-2023-1435Medium6.12023-04-24The Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape various parameters before outputting them back in pages, leading to a Reflected…
CVE-2023-1420Medium6.12023-04-24The Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting…
CVE-2024-8619Medium4.82025-05-15The Ajax Search Lite WordPress plugin before 4.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to…
CVE-2024-7084Medium4.82024-08-06The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise and escape some parameters, which could allow users with a role as low as Admin+ to perfo…
CVE-2024-10568Medium4.72024-12-12The Ajax Search Lite WordPress plugin before 4.12.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to…
CVE-2024-13585Low3.52025-02-21The Ajax Search Lite WordPress plugin before 4.12.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to…