VYPR

Better Find and Replace – AI-Powered Suggestions

by WordPress

Source repositories

CVEs (2)

  • CVE-2026-3369MedApr 16, 2026
    risk 0.28cvss 5.4epss 0.00

    The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded image title in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2025-12360MedNov 6, 2025
    risk 0.21cvss 4.3epss 0.00

    The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to unauthorized API usage due to a missing capability check on the rtafar_ajax() function in all versions up to, and including, 1.7.7. This makes it possible for authenticated attackers,…