Description
The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Published: 2025-02-28
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting
Action: Apply Patch
AI Analysis

Impact

The Advanced AJAX Product Filters plugin for WordPress has a reflected cross‑site scripting vulnerability that is triggered by the nonce parameter. Because the plugin does not properly sanitize or escape the value supplied in this parameter, an attacker can embed arbitrary JavaScript into a page by crafting a URL that includes the vulnerable nonce. When an unsuspecting user follows such a link, the browser executes the injected script in the context of the site.

Affected Systems

All WordPress sites that install the Berocket Advanced AJAX Product Filters plugin in any version up to and including 1.6.8.1 are impacted. The flaw exists throughout the plugin’s core code across these releases.

Risk and Exploitability

The CVSS v3 score of 6.1 indicates medium severity, while the EPSS score of less than 1% suggests that exploitation is currently unlikely but still possible. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to construct a malicious URL that contains the vulnerable nonce value and to persuade a user to click it, thereby triggering script execution. Based on the description, it is inferred that the injected script could potentially lead to defacement, credential theft, or delivery of additional malware, though such outcomes are not explicitly confirmed in the advisory.

Generated by OpenCVE AI on April 22, 2026 at 02:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Advanced AJAX Product Filters plugin to any version newer than 1.6.8.1, which contains the input sanitization and output escaping fixes.
  • If an immediate upgrade is not possible, deactivate or completely uninstall the plugin to remove the vulnerable code path.
  • As a temporary measure, block or filter requests that include the nonce parameter before they reach the plugin code; ensure that only valid nonces are accepted and that any value containing script‑like characters is rejected or escaped before rendering.

Generated by OpenCVE AI on April 22, 2026 at 02:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-5481 The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
History

Thu, 06 Mar 2025 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Berocket
Berocket advanced Ajax Product Filters
CPEs cpe:2.3:a:berocket:advanced_ajax_product_filters:*:*:*:*:*:wordpress:*:*
Vendors & Products Berocket
Berocket advanced Ajax Product Filters

Tue, 04 Mar 2025 03:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 28 Feb 2025 04:45:00 +0000

Type Values Removed Values Added
Description The Advanced AJAX Product Filters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 1.6.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Title Advanced AJAX Product Filters <= 1.6.8.1 - Reflected Cross-Site Scripting
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

Subscriptions

Berocket Advanced Ajax Product Filters
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:09:55.716Z

Reserved: 2025-02-20T18:39:11.120Z

Link: CVE-2025-1505

cve-icon Vulnrichment

Updated: 2025-02-28T14:01:55.444Z

cve-icon NVD

Status : Analyzed

Published: 2025-02-28T05:15:33.923

Modified: 2025-03-06T20:21:36.547

Link: CVE-2025-1505

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T02:15:05Z

Weaknesses