[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fKprfPoWAGAoWD2Q2CtCmkXB1aXdjCmwqrFFWrXPC0Hw":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2022-38456","ajax-search-lite-missing-authorization-leading-to-authenticated-subscriber-sensitive-information-disclosure","Ajax Search Lite \u003C= 4.10.3 - Missing Authorization leading to Authenticated (Subscriber+) Sensitive Information Disclosure","The Ajax Search Lite plugin for WordPress is vulnerable to Missing Authorization (leading to Sensitive Information Disclosure) in versions up to, and including, 4.10.3 via the 'searchCF' function. This can allow subscriber-level attackers to extract sensitive data including post metadata from an unprotected Ajax endpoint.","ajax-search-lite",null,"\u003C=4.10.3","4.11","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2023-02-06 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5f2c157b-cd5a-459d-8e26-859e686148dc?source=api-prod",351]