CVE-2025-7956
Published
CVSS v3: 5.3 MEDIUM
CVSS v2: N/A
Affected: 1 project
Description
The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of any protected post in rolling 100‑character windows.
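A defender-side check for the request pattern described above, as an added example that is not part of the original advisory or the plugin's code: it scans web access logs for bursts of requests to the AJAX endpoint from one client and bounds the possible exposure using the advisory's 100-character window. It assumes combined-format logs and that the plugin's search requests reach WordPress's standard /wp-admin/admin-ajax.php endpoint; the threshold, time window and sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

AJAX_PATH = "/wp-admin/admin-ajax.php"  # assumption: standard WordPress AJAX endpoint
WINDOW_CHARS = 100                      # window size stated in the advisory
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def parse(line):
    """Parse one combined-format log line; return None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"].split("?", 1)[0], int(m["status"])

def find_bursts(lines, threshold=20, window=timedelta(seconds=60)):
    """Return {ip: peak request count within any sliding window} for clients
    that reach `threshold` successful AJAX requests inside `window`."""
    recent, peak = defaultdict(deque), {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, ts, path, status = rec
        if path != AJAX_PATH or status != 200:
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:       # drop requests older than the window
            q.popleft()
        if len(q) >= threshold:
            peak[ip] = max(peak.get(ip, 0), len(q))
    return peak

def exposure_upper_bound(request_count):
    """Rough ceiling on leaked characters: one 100-character window per request."""
    return request_count * WINDOW_CHARS

def constructed_sample():
    """Constructed log lines (not real traffic): one noisy client, one normal visitor."""
    fmt = ('{ip} - - [12/Aug/2025:10:{m:02d}:{s:02d} +0000] '
           '"POST /wp-admin/admin-ajax.php HTTP/1.1" 200 512 "-" "-"')
    noisy = [fmt.format(ip="198.51.100.7", m=0, s=i) for i in range(30)]
    normal = [fmt.format(ip="203.0.113.20", m=i, s=0) for i in range(5)]
    return noisy + normal

if __name__ == "__main__":
    for ip, n in find_bursts(constructed_sample()).items():
        print(f"{ip}: {n} requests in window, up to {exposure_upper_bound(n)} characters")
```

Other plugins and logged-in sessions also use admin-ajax.php, so tune the threshold against a site's normal traffic before alerting on it.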
<p><strong>Ajax Search Lite</strong> is a live search plugin for WordPress. This responsive live search engine will boost your user experience by providing a user-friendly, ajax-powered search form – a live search bar. You can filter the results with the category and post type filter boxes as well. Google autocomplete and keyword suggestions are also included.</p>
<p>Very smooth animations with mobile device support and regular updates. Use <strong>Ajax Search Lite</strong> as a replacement for the default WordPress search with a better looking, more efficient search engine.<br />
Fine-tune the user experience by providing a powerful ajax search plugin to your visitors. Supports custom post types and custom fields and more. Boost your site search engine with this custom built live search engine.</p>
<p><a href="https://ajaxsearchpro.com" rel="nofollow ugc">Home</a> | <a href="https://ajaxsearchpro.com/features" rel="nofollow ugc">Features</a> | <a href="https://documentation.ajaxsearchlite.com/" rel="nofollow ugc">Lite Docs</a> | <a href="https://documentation.ajaxsearchpro.com/" rel="nofollow ugc">Pro Docs</a></p>
<p>Ajax Search Lite and Ajax Search Pro <strong>do not require monthly subscriptions</strong> and do not store your data on external servers – <strong>everything is done locally</strong>, on your server.</p>
<h4>Features List</h4>
<ul>
<li>Search in <strong>posts</strong> and <strong>pages</strong></li>
<li>Search in <strong>custom post types</strong> such as WooCommerce <strong>Products</strong>, <strong>Events</strong>, <strong>Portfolio</strong> items and more</li>
<li>Search in <strong>title</strong>, <strong>description</strong>, <strong>excerpt</strong>, <strong>categories</strong> and <strong>tags</strong> and any <strong>custom fields</strong></li>
<li>Archive page live loader and filter</li>
<li>Automatic search replacement as well as <strong>widget</strong> and <strong>shortcode</strong> available</li>
<li>Custom Filter boxes (checkbox filters) for categories and post types</li>
<li><strong>WPML</strong>, <strong>Polylang</strong> and <strong>QtranslateX</strong> compatible</li>
<li><a href="https://documentation.ajaxsearchpro.com/search-statistics" rel="nofollow ugc">Live Search Statistics</a></li>
<li><a href="https://documentation.ajaxsearchpro.com/performance-tuning/cache" rel="nofollow ugc">Super Fast Search Cache</a> – instant cached results</li>
<li>10+ built in templates + options for color adjustments</li>
<li>Retina ready vectorized <strong>SVG</strong> and <strong>CSS3</strong> icons</li>
<li>Category and post exclusions</li>
<li>Frontend search settings boxes</li>
<li>Images in search results</li>
<li>Fully ajax powered</li>
<li><strong>50+ options</strong> on the backend</li>
<li>Caches images for faster response time</li>
<li>Performance Options</li>
<li><strong>Google analytics integration</strong> – both as <strong>Events</strong> and Pageviews</li>
<li>Primary and Secondary ordering options</li>
<li>Highly compatible and responsive</li>
</ul>
<h4>Support</h4>
<p>Feel free to <a href="https://wordpress.org/support/plugin/ajax-search-lite/" rel="ugc">contact us</a> via the support forums.</p>
<h4>In Pro version</h4>
<ul>
<li><a href="https://ajaxsearchpro.com" rel="nofollow ugc">Front-end demo</a> | <a href="https://ajaxsearchpro.com/try/" rel="nofollow ugc">Back-end demo</a></li>
<li>Create multiple search bars with different configurations</li>
<li>All page builders supported (Elementor, Divi, Oxygen, Breakdance, Gutenberg, Beaver etc.)</li>
<li>Search in <strong>Every custom post type</strong></li>
<li>Search in <strong><a href="https://ajaxsearchpro.com/file-search/" rel="nofollow ugc">Media Attachments and contents</a></strong> (PDF, Excel, Word, PowerPoint etc.)</li>
<li>Search in <strong>BuddyPress activity feed, users and group names</strong></li>
<li>Search in PeepSo Groups and Group Activities</li>
<li>Search result grouping by categories or post types</li>
<li>Search in custom fields including repeaters and special custom field types</li>
<li><strong>Predictive search</strong> results suggestions</li>
<li>WooCommerce <a href="https://ajaxsearchpro.com/shop-search/" rel="nofollow ugc">Shop search and filter</a></li>
<li>Search and filter Elementor <a href="https://ajaxsearchpro.com/elementor-live-filter/" rel="nofollow ugc">Loop Grid</a> and <a href="https://ajaxsearchpro.com/jet-engine-listing-grid-filter/" rel="nofollow ugc">JetEngine Listing Grid</a></li>
<li>Advanced caching technology – image precaching, search phrase caching</li>
<li>Category filters, custom field filters, post type filters, tag filters, taxonomy term filters and date filters</li>
<li><strong>Checkbox, Drop-down, Multiselect, Radio, Slider and Range slider filters</strong></li>
<li>Results grouping by category, post type or content type</li>
<li><a href="https://ajaxsearchpro.com/load-more-infinite-scroll/" rel="nofollow ugc">Load more and Infinite scroll</a></li>
<li>100+ Themes – Fully configurable and editable – with theme customizer & preview window</li>
<li>4 layouts: Vertical, Horizontal, Polaroid and Isotopic (with pagination)</li>
<li>400+ Admin options </li>
<li>Google keyword suggestions and autocomplete</li>
<li>Compatibility options and features</li>
<li>Caching options & Search statistics</li>
<li>Keyword Highlighting & more…</li>
<li>Highly compatible and responsive</li>
<li><a href="https://ajaxsearchpro.com/features/" rel="nofollow ugc">Full Features List</a></li>
</ul>
<h4>Testimonials</h4>
<blockquote>
<p>“Beyond the live search, it also makes your search much more complete. You’ll be able to include custom fields, comments, and more in your search index.” – Ben Pines – Elementor</p>
<p>“Consider this plugin if you’re looking for a professional live search offering.” – Tom Ewer – WPMU Dev</p>
<p>“Ajax Search Pro plugin gives you a live Ajax search, so much comfortable search experience” – Dragan Nikolic – Thematosoup</p>
<p>“As the name suggests, the core value of Ajax Search Pro is the ability to add Ajax live search to WordPress.” – Colin Newcomer – aThemes</p>
</blockquote>