Security Advisory

CVE-2025-15525

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-31 04:35:15

Last updated 2026-04-08 17:24:49

Assigner Wordfence

State PUBLISHED

Description

The Ajax Load More – Infinite Scroll, Load More, & Lazy Load plugin for WordPress is vulnerable to unauthorized access of data due to incorrect authorization on the parse_custom_args() function in all versions up to, and including, 7.8.1. This makes it possible for unauthenticated attackers to expose the titles and excerpts of private, draft, pending, scheduled, and trashed posts.

← Browse all CVEs View on cve.org ↗