WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Ajax Search Lite safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Ajax Search Lite WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: ajax-search-lite
  • Requires PHP: 7.4+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 3.11 [WordPress Ajax Search Lite Plugin <= 3.1 - Remote Code Execution]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 3.0 [WordPress Ajax Search Pro Plugin - Remote Code Execution]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 3.11 [Ajax Search Lite &lt;= 3.1 - Authenticated RCE]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 3.11 [Ajax Search Lite < 3.11 - Missing Authorization to Remote Code Execution]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 3.11 [Ajax Search Lite < 3.11 - Remote Code Execution]
+ 9 more known vulnerabilities
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.11.1 [CVE-2022-38456, WordPress Ajax Search Lite Plugin <= 4.10.3 is vulnerable to Sensitive Data Exposure, Ajax Search Lite <= 4.10.3 - Missing Authorization leading to Authenticated (Subscriber+) Sensitive Information Disclosure, Ajax Search Lite &lt; 4.11.1 - Subscriber+ Sensitive Data Disclosure]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.11.1 [CVE-2023-1420, WordPress Ajax Search Lite Plugin <= 4.11 is vulnerable to Cross Site Scripting (XSS), WordPress Ajax Search Pro Plugin < 4.26.2 is vulnerable to Cross Site Scripting (XSS), Ajax Search Lite <= 4.11 - Reflected Cross-Site Scripting, Ajax Search Lite &lt; 4.11.1, Pro &lt; 4.26.2 - Reflected Cross-Site Scripting]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.11.5 [CVE-2024-21752, WordPress Ajax Search Lite Plugin <= 4.11.4 is vulnerable to Cross Site Scripting (XSS), Ajax Search Lite <= 4.11.4 - Reflected Cross-Site Scripting, Ajax Search Lite &lt; 4.11.5 - Reflected Cross-Site Scripting]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.12.1 [CVE-2024-7084, WordPress Ajax Search Lite Plugin < 4.12.1 is vulnerable to Cross Site Scripting (XSS), Ajax Search Lite < 4.12 - Authenticated (Admin+) Stored Cross-Site Scripting]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.12.3 [CVE-2024-8619, Ajax Search Lite <= 4.12.1 - Authenticated (Administrator+) Stored Cross-Site Scripting, EUVD-2025-15239]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.12.4 [CVE-2024-10568, Ajax Search Lite <= 4.12.3 - Authenticated (Admin+) Stored Cross-Site Scripting, WordPress Ajax Search Lite Plugin < 4.12.4 is vulnerable to Cross Site Scripting (XSS)]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.12.5 [CVE-2024-13585, Ajax Search Lite <= 4.12.4 - Authenticated (Admin+) Stored Cross-Site Scripting, EUVD-2025-4500]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.13.4 [CVE-2025-48086, Ajax Search Lite <= 4.13.3 - Authenticated (Administrator+) PHP Object Injection]
  • Ajax Search Lite &#8211; Live Search &amp; Filter [ajax-search-lite] < 4.13.2 [Ajax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler, Ajax Search Lite <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler, EUVD-2025-26081]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.