Description
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Published: 2025-12-30
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Reflected Cross‑Site Scripting for privileged users
Action: Patch
AI Analysis

Impact

The Advance WP Query Search Filter WordPress plugin, in versions up to and including 1.0.10, fails to sanitize and escape a request parameter before echoing it back into the page. The result is a reflected Cross-Site Scripting (XSS) flaw: an attacker who gets a privileged user, such as a site administrator, to open a crafted link can run script in that user's browser session, with consequences such as stolen session credentials, defaced content, or redirection to phishing sites. The weakness is a classic improper-neutralization-of-input failure (CWE-79).
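As an added illustration of the weakness class (CWE-79) described above, not the plugin's actual code, here is a hypothetical WordPress AJAX handler that reflects a request parameter without escaping, beside a hardened version; the action, parameter and nonce names are assumptions, since the advisory does not name the affected parameter.

```php
<?php
// Added illustration (not the plugin's code): a hypothetical WordPress AJAX
// handler that reflects a request parameter. Action, parameter and nonce
// names are assumptions; the real vulnerable parameter is not named here.

// Vulnerable pattern: the raw request value is written straight into the
// response, so any markup or script in it is rendered by the browser (CWE-79).
function example_taxo_ajax_vulnerable() {
    $term = $_REQUEST['term'] ?? '';
    echo '<div class="result">' . $term . '</div>';
    wp_die();
}

// Hardened pattern: sanitize on input, escape on output, and require a nonce
// so the handler cannot be driven by a forged cross-site link.
function example_taxo_ajax_hardened() {
    // check_ajax_referer() stops the request unless the 'awqsf_nonce' field
    // carries a valid nonce for the 'awqsf_search' action (assumed names).
    check_ajax_referer( 'awqsf_search', 'awqsf_nonce' );

    // Strip tags, octets and stray whitespace from the incoming value.
    $term = sanitize_text_field( wp_unslash( $_REQUEST['term'] ?? '' ) );

    // Escape for the context the value lands in: esc_attr() inside an
    // attribute, esc_html() for element content.
    printf(
        '<div class="result" data-term="%s">%s</div>',
        esc_attr( $term ),
        esc_html( $term )
    );
    wp_die();
}

// Register only the hardened handler for authenticated users.
add_action( 'wp_ajax_example_taxo_ajax', 'example_taxo_ajax_hardened' );
```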

Affected Systems

This vulnerability affects all releases of the Advance WP Query Search Filter plugin through 1.0.10. Any WordPress site that still runs one of these versions is exposed.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. The EPSS score below 1% suggests a low likelihood of widespread exploitation at present, and the vulnerability is not listed in CISA's KEV catalog. The attack vector is inferred from the advisory title to be the "taxo_ajax" AJAX action, which can be accessed by authenticated users with admin rights; an attacker who tricks such a user into opening a crafted link could trigger the reflected XSS. Patching, combined with restricting who holds privileged roles, is required to reduce the risk.

Generated by OpenCVE AI on April 27, 2026 at 22:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the plugin to a version that includes the XSS fix (use any release newer than 1.0.10 that the vendor publishes).
  • If an upgrade is not available, delete or deactivate the Advance WP Query Search Filter plugin to eliminate the attack surface.
  • Configure a Content Security Policy that disallows inline scripts and restricts script sources to trusted domains, which mitigates XSS impact if the plugin remains installed.
Advisories

No advisories yet.

History

Mon, 27 Apr 2026 22:30:00 +0000

Type: Weaknesses
Values added: CWE-79

Mon, 05 Jan 2026 10:45:00 +0000

Type: First Time appeared
Values added: Wordpress; Wordpress wordpress
Type: Vendors & Products
Values added: Wordpress; Wordpress wordpress

Tue, 30 Dec 2025 16:15:00 +0000

Type: Metrics
Values added:
cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 30 Dec 2025 06:15:00 +0000

Type: Description
Values added: The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Type: Title
Values added: Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax
Type: References

MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2026-04-02T12:39:54.522Z

Reserved: 2025-12-09T08:23:20.853Z

Link: CVE-2025-14313

Vulnrichment

Updated: 2025-12-30T15:59:41.461Z

NVD

Status : Deferred

Published: 2025-12-30T06:15:40.800

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-14313

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T22:15:15Z

Weaknesses