CVE-2023-1420
Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site ScriptingThe Ajax Search Lite WordPress plugin before 4.11.1, Ajax Search Pro WordPress plugin before 4.26.2 does not sanitise and escape a parameter before outputting it back in a response of an AJAX action, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
We have discovered 837 live websites that are affected by CVE-2023-1420.
Contact us to get more info
Common Weakness Enumeration
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2023-1420 and the relative popularity of websites