CVE-2025-14313
Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax
CVSS Score
6.1
EPSS Score
0.0%
EPSS Percentile
12th
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
| Vendor | unknown |
| Product | advance wp query search filter |
| Published | Dec 30, 2025 |
| Last Updated | Apr 2, 2026 |
Stay Ahead of the Next One
Get instant alerts for unknown advance wp query search filter
Be the first to know when new medium vulnerabilities affecting unknown advance wp query search filter are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Unknown / Advance WP Query Search Filter
0 โค 1.0.10
References
Credits
Yevgen Goncharuk WPScan