Ernest Marcinko Ajax Search Lite vulnerabilities

2 known vulnerabilities affecting ernest_marcinko/ajax_search_lite.

Total CVEs

2

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2024-21752MEDIUMCVSS 6.1≥ n/a, ≤ 4.11.42024-02-29

CVE-2024-21752 [MEDIUM] CWE-352 CVE-2024-21752: Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows Reflected Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows Reflected XSS.This issue affects Ajax Search Lite: from n/a through 4.11.4.

CVE-2022-38456HIGHCVSS 7.5≥ n/a, ≤ 4.10.32023-03-15

CVE-2022-38456 [HIGH] CWE-200 CVE-2022-38456: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Sea Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions.