Description
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Published: 2025-12-30
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Reflected XSS
Action: Patch
AI Analysis

Impact

The Advance WP Query Search Filter WordPress plugin version 1.0.10 and earlier contains an unsanitized and unescaped parameter that is echoed back in the page. This flaw allows a malicious user to inject JavaScript that executes in the context of privileged users such as administrators, compromising the confidentiality and integrity of the site. The weakness is a classic reflected cross‑site scripting flaw and corresponds to CWE‑79.

Affected Systems

WordPress installations using the Advance WP Query Search Filter plugin up to and including version 1.0.10 are affected.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity, while the EPSS score of less than 1% suggests low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Attackers would need to craft a URL containing the vulnerable counter parameter and have the target high‑privilege user visit it. Once the script runs, the attacker could deface the site, steal session cookies, or perform other malicious actions within the user’s session.

Generated by OpenCVE AI on April 28, 2026 at 10:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Advance WP Query Search Filter plugin to the latest version that implements proper input sanitization.
  • Restrict the use of the query filter feature for users with administrative privileges until the fix is applied.
  • Ensure all user‑supplied data is passed through WordPress escaping functions such as esc_html() before being output to the page to mitigate the underlying input validation weakness.

Generated by OpenCVE AI on April 28, 2026 at 10:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 10:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-79

Mon, 05 Jan 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Vendors & Products Wordpress
Wordpress wordpress

Tue, 30 Dec 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 30 Dec 2025 06:15:00 +0000

Type Values Removed Values Added
Description The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Title Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter
References

Subscriptions

Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2026-04-02T12:39:54.274Z

Reserved: 2025-12-09T08:23:14.741Z

Link: CVE-2025-14312

cve-icon Vulnrichment

Updated: 2025-12-30T15:59:00.537Z

cve-icon NVD

Status : Deferred

Published: 2025-12-30T06:15:39.973

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-14312

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T10:15:28Z

Weaknesses