VYPR

Ajax Search For Woocommerce

by WordPress

Source repositories

CVEs (3)

  • CVE-2025-14298MedDec 20, 2025
    risk 0.35cvss 5.4epss 0.00

    The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied…

  • CVE-2023-2450MedJun 9, 2023
    risk 0.29cvss 4.4epss 0.01

    The FiboSearch - AJAX Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.23.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…

  • CVE-2025-47444MedAug 12, 2025
    risk 0.27cvss 5.3epss 0.00

    Missing Authorization vulnerability in Damian Góra FiboSearch ajax-search-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiboSearch: from n/a through <= 1.32.1.