Vulnerabilities > Berocket > Advanced Ajax Product Filters > 1.5.2.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-28 | CVE-2025-1505 | Cross-site Scripting vulnerability in Berocket Advanced Ajax Product Filters The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-01-16 | CVE-2021-24432 | Cross-site Scripting vulnerability in Berocket Advanced Ajax Product Filters The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'term_id' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue. | 6.1 |