CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47507 – WordPress Better Search <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2025-47507
07 May 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Better Search allows DOM-Based XSS. This issue affects Better Search: from n/a through 4.1.0. The Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping in the better search form. This makes it possible for authenticated attackers, with contributor-level access and above, to injec... • https://patchstack.com/database/wordpress/plugin/better-search/vulnerability/wordpress-better-search-4-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29142 – WordPress Better Search plugin <= 3.3.0 - Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-29142
18 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebberZone Better Search – Relevant search results for WordPress allows Stored XSS.This issue affects Better Search – Relevant search results for WordPress: from n/a through 3.3.0. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en WebberZone Better Search: los resultados de búsqueda relevantes para WordPress permiten almacenar XSS. Est... • https://patchstack.com/database/vulnerability/better-search/wordpress-better-search-plugin-3-3-0-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •