From securityaffairs.co
On March 28, 2021, Astra Security Threat Intelligence Team responsibly disclosed a vulnerability in Ivory Search, a WordPress Search Plugin installed on over 60,000 sites. This security vulnerability could be exploited by an attacker to perform malicious actions on a victim’s website.
Ivory Search – WordPress Search Plugin allows its users to create new custom search forms for their WordPress site/s.