CVE-2025-7956
Description
The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of any protected post in rolling 100‑character windows.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unauthenticated attackers can leak protected post content via the Ajax Search Lite plugin's AJAX search handler, which lacks authorization checks.
The Ajax Search Lite plugin for WordPress, in all versions up to and including 4.13.1, contains a basic information exposure vulnerability in its AJAX search handler. The handler fails to enforce proper authorization checks, allowing unauthenticated users to access search results that include content from protected posts [1].
An attacker can exploit this by sending repeated AJAX requests to the search endpoint. Since the plugin returns search results in rolling 100-character windows, an attacker can piece together the full content of any protected post by making multiple requests [1]. No authentication or special privileges are required, and the attack can be carried out from the public-facing web interface.
The impact is the unauthorized disclosure of content from posts that should be restricted, such as private or password-protected pages. This could expose sensitive information intended only for authorized users [1].
As of the publication date, the vulnerability affects all versions up to and including 4.13.1. Users should update to the latest patched version if available, or apply any provided workarounds to restrict access to the AJAX search handler [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- (no CPE)
- (no CPE), range: <=4.13.1
Patches
No patches discovered yet.
References
4
News mentions
No linked articles in our index yet.