Approved changes feed: RSS · Atom

cpe:2.3:a:ajax_search_project:ajax_search:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorAjax Search Project (9dad4ebd-7080-5273-9b26-04195a53dc20)
ProductAjax Search (83cfc5bc-64b0-5724-9e2c-1efee4939108)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/cardoza-ajax-search purl2cpe 2026-06-01 10:18:08.068720

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2012-5853 vulnerable 2026-06-08 05:02:58.474853 Details available
SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in the AJAX Post Search (cardoza-ajax-search) plugin before 1.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the srch_txt parameter in a "the_search_text" action to wp-admin/admin-ajax.php.
Published: 2015-01-08T01:00:00.000Z
Updated: 2024-08-06T21:21:28.305Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.