Vulnerabilities > Berocket > Advanced Ajax Product Filters > 1.6.4.5

DATE CVE VULNERABILITY TITLE RISK
2025-02-28 CVE-2025-1505 Cross-site Scripting vulnerability in Berocket Advanced Ajax Product Filters
The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping.
network
low complexity
berocket CWE-79
6.1
6.1