CVE-2022-38456: Infoleak
First published: Wed Mar 15 2023(Updated: )
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ajax Search Project Ajax Search | <=4.10.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-38456?
The severity of CVE-2022-38456 is high with a CVSS score of 7.5.
What is the affected software of CVE-2022-38456?
The affected software of CVE-2022-38456 is the Ernest Marcinko Ajax Search Lite plugin versions up to and including 4.10.3.
What is the CWE of CVE-2022-38456?
The CWE of CVE-2022-38456 is CWE-200.
How can I fix CVE-2022-38456?
To fix CVE-2022-38456, you should update the Ernest Marcinko Ajax Search Lite plugin to version 4.10.4 or later.
Where can I find more information about CVE-2022-38456?
You can find more information about CVE-2022-38456 [here](https://patchstack.com/database/vulnerability/ajax-search-lite/wordpress-ajax-search-lite-plugin-4-10-3-auth-data-exposure-vulnerability?_s_id=cve).
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/references
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/ajax search project
- canonical/ajax search project ajax search
- version/ajax search project ajax search/4.10.3