Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

From securityaffairs.co

ivory search WP plugin

On March 28, 2021, Astra Security Threat Intelligence Team responsibly disclosed a vulnerability in Ivory Search, a WordPress Search Plugin installed on over 60,000 sites. This security vulnerability could be exploited by an attacker to perform malicious actions on a victim’s website.

Ivory Search – WordPress Search Plugin allows its users to create new custom search forms for their WordPress site/s.

Read more…