Ajax Search Lite Missing Authorization Vulnerability Allowing Basic Information Exposure
Vulnerability
A vulnerability exists in the Ajax Search Lite plugin for WordPress, in all versions through 4.13.1, that allows unauthenticated attackers to access protected post content. The issue stems from a missing authorization check in the AJAX search handler: repeated requests leak the content in 100-character increments.
Impact
Exploitation of this vulnerability could lead to unauthorized access to the content of protected posts, allowing attackers to read sensitive information that should remain private.
Remediation
Users can update to version 4.13.2 or a newer patched version to address this vulnerability.
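To confirm the remediation on a host, the following added example (not code from the plugin or from this advisory) reads the installed plugin's header and compares its version with the fixed release, 4.13.2. It assumes the plugin is installed in a directory named ajax-search-lite under wp-content/plugins; the function names and the script name are illustrative.

```python
import re
import sys
from pathlib import Path

FIXED = (4, 13, 2)         # first patched release named in the advisory
SLUG = "ajax-search-lite"  # assumption: plugin directory uses the wordpress.org slug
HDR = r"^(?:[ \t]*<\?php)?[ \t/*#@]*"  # prefix WordPress tolerates before a header field

def parse_version(text):
    """'4.13.1' -> (4, 13, 1); numeric tuples avoid the '4.9' > '4.13' string trap."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"no numeric version in {text!r}")
    nums = [int(p) for p in m.group(0).split(".")]
    return tuple(nums + [0] * max(0, 3 - len(nums)))

def header_version(php_source):
    """Return the Version field of a WordPress plugin header, or None."""
    if not re.search(HDR + r"Plugin Name:", php_source, re.M | re.I):
        return None  # not the plugin's main file
    m = re.search(HDR + r"Version:[ \t]*(\S+)", php_source, re.M | re.I)
    return m.group(1) if m else None

def audit(plugins_dir):
    """Classify one wp-content/plugins directory; returns (status, version)."""
    plugin = Path(plugins_dir) / SLUG
    if not plugin.is_dir():
        return ("not-installed", None)
    for php in sorted(plugin.glob("*.php")):
        # WordPress itself only reads the first 8 KiB of a file for headers.
        raw = header_version(php.read_text(errors="replace")[:8192])
        if raw is None:
            continue
        try:
            status = "patched" if parse_version(raw) >= FIXED else "vulnerable"
        except ValueError:
            status = "unknown-version"
        return (status, raw)
    return ("unknown-version", None)

if __name__ == "__main__":
    # Usage (hypothetical script name and path):
    #   python audit_asl.py /var/www/site1/wp-content/plugins [...]
    findings = [(d, *audit(d)) for d in sys.argv[1:]]
    for d, status, version in findings:
        print(f"{d}: {status} ({version})")
    sys.exit(1 if any(s == "vulnerable" for _, s, _ in findings) else 0)
```

The script exits non-zero when any directory passed to it holds a version below 4.13.2, so it can gate a deployment or a scheduled fleet check.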
