Name of the Vulnerable Software and Affected Versions:

Ajax Search Lite versions prior to 4.13.2

Description:

The Ajax Search Lite plugin for WordPress is susceptible to Basic Information Exposure. A missing authorization check in the AJAX search handler allows unauthenticated attackers to repeatedly request data via AJAX, potentially revealing the content of protected posts in 100-character segments.

Recommendations:

Update to a version prior to 4.13.2.