What the vulnerability does
01 Description
The Find And Replace content for WordPress plugin is vulnerable to unauthorized Stored Cross-Site Scripting and Arbitrary Content Replacement because the far_admin_ajax_fun() function is missing a capability check in all versions up to, and including, 1.1. Unauthenticated attackers can therefore inject arbitrary web scripts into pages, which can make privilege escalation and malicious redirects possible.
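The checks a content-modifying WordPress AJAX handler needs, shown as an added example that is not the plugin's own code or its patch. The action name far_replace, the nonce action far_replace_nonce, the function name far_example_replace_handler and the request fields post_id, find and replace are all hypothetical.

```php
<?php
// Added example: hypothetical hardened handler, not the plugin's code.
// Assumed names: action "far_replace", nonce action "far_replace_nonce",
// request fields "post_id", "find", "replace".

// Register for logged-in users only: no wp_ajax_nopriv_ hook is added.
add_action( 'wp_ajax_far_replace', 'far_example_replace_handler' );

function far_example_replace_handler() {
    // 1. CSRF: the request must carry a valid nonce (dies with 403 otherwise).
    check_ajax_referer( 'far_replace_nonce', 'nonce' );

    $post_id = isset( $_POST['post_id'] ) ? absint( $_POST['post_id'] ) : 0;

    // 2. Authorization: the capability check, scoped to the post being changed.
    if ( ! $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 );
    }

    $find    = isset( $_POST['find'] ) ? sanitize_text_field( wp_unslash( $_POST['find'] ) ) : '';
    $replace = isset( $_POST['replace'] ) ? wp_unslash( $_POST['replace'] ) : '';
    if ( '' === $find ) {
        wp_send_json_error( array( 'message' => 'Empty search string' ), 400 );
    }

    // 3. Stored XSS: strip script-capable markup unless the user is
    //    explicitly allowed to save unfiltered HTML.
    if ( ! current_user_can( 'unfiltered_html' ) ) {
        $replace = wp_kses_post( $replace );
    }

    $post = get_post( $post_id );
    if ( ! $post ) {
        wp_send_json_error( array( 'message' => 'Post not found' ), 404 );
    }

    // wp_update_post() expects slashed data, hence wp_slash().
    $content = str_replace( $find, $replace, $post->post_content );
    $updated = wp_update_post(
        array( 'ID' => $post_id, 'post_content' => wp_slash( $content ) ),
        true
    );
    if ( is_wp_error( $updated ) ) {
        wp_send_json_error( array( 'message' => 'Update failed' ), 500 );
    }
    wp_send_json_success( array( 'post_id' => $post_id ) );
}
```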
Explanation of Vulnerability in Simple Terms
02 Summary
The Find And Replace content plugin for WordPress versions 1.1 and earlier lacks proper authorization checks. An unauthenticated attacker can read and modify site content without permission. The vulnerability affects all installations of the plugin up to version 1.1. Site administrators should update immediately to a patched version.
What an attacker can do
03 Attacker Capabilities
Read and modify any site content without logging in.
Potential impact on your site
04 Site Impact
Attackers can alter or delete published posts, pages, and other content without authentication.
Conditions required to exploit
05 Prerequisites
None. The attacker needs only network access to the WordPress site.
Key dates
06 Disclosure timeline
October 15, 2025: CVE published
April 8, 2026: Record updated