Ajax Load More – Infinite Scroll, Load More, & Lazy Load

Vulnerabilities 26Slug ajax-load-moreLatest version 7.8.4WordPress.org →

Minimum safe version

7.8.2

Update to 7.8.2 or later to address 26 fixable vulnerabilities

Latest available7.8.4 ✓

Medium 5.3

2025-09-22< 7.6.1

Ajax Load More <= 7.6.0.2 - Unauthenticated Sensitive Information Exposure

Wordfence EUVD CVE

Medium 5.3

2026-01-31< 7.8.2

CVE-2025-15525

CVE EUVD Wordfence

High 8.8

2025-07-22< 2.8.1.2

CVE-2015-10140

CVE EUVD

Medium 6.4

2025-06-16< 7.4.1

WordPress Infinite Scroll – Ajax Load More <= 7.4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting

Wordfence CVE

Medium 5.4

2025-05-07< 7.3.1.3

CVE-2025-47630

CVE EUVD Patchstack Wordfence

Medium 5.4

2024-10-02< 7.1.3

CVE-2024-8505

CVE Patchstack Wordfence

Medium 5.4

2024-06-03< 7.1.2

WordPress Ajax Load More Plugin <= 7.1.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence

N/A

< 7.0.2

WordPress Ajax Load More Plugin <= 7.0.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack

N/A

2024-03-28< 7.0.2

Ajax Load More <= 7.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

Wordfence

Medium 4.9

2024-04-09< 7.1.0

CVE-2024-1790

CVE Wordfence Patchstack WPScan

Medium 6.5

2024-12-22< 6.2.0

WordPress Ajax Load More Plugin <= 6.1.0.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

N/A

< 5.5.4

Ajax Load More < 5.5.4.1 - Admin+ Arbitrary File Read

WPScan

Medium 5.4

2023-03-14< 5.6.0.3

WordPress Ajax Load More Plugin < 5.6.0.3 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE Wordfence WPScan

N/A

2015-10-10< 2.8.1.2

WordPress Infinite Scroll – Ajax Load More <= 2.8.1.1 - Arbitrary File Upload

Wordfence

N/A

2016-08-15< 2.11.2

Ajax Load More < 2.11.2 - Local File Inclusion

Wordfence

N/A

2022-08-31< 5.5.4.1

Infinite Scroll – Ajax Load More <= 5.5.4 - Authenticated (Admin+) Arbitrary File Read via Directory Traversal

Wordfence

N/A

< 2.8.1.2

Ajax Load More <= 2.8.1.1 - Authenticated File Upload & Deletion

WPScan

N/A

< 2.11.2

Ajax Load More <= 2.11.1 - Local File Inclusion (LFI)

WPScan

Low 2.7

2022-09-06< 5.5.4

CVE-2022-2945

CVE Patchstack Wordfence WPScan

Medium 4.9

2022-09-06< 5.5.4

CVE-2022-2943

CVE Patchstack Wordfence

High 7.5

2022-09-06< 5.5.4

CVE-2022-2433

CVE Patchstack Wordfence WPScan

N/A

2015-10-18< 2.8.2

WordPress Ajax Load More Plugin < 2.8.2 - File Upload

Patchstack

N/A

2015-11-09< 2.8.1.2

WordPress Ajax Load More Plugin 2.8.1.1 - PHP Upload

Patchstack

N/A

2016-08-15< 2.11.2

WordPress Ajax Load More Plugin <= 2.11.1 - Local File Inclusion

Patchstack

N/A

2020-05-18< 5.3.2

WordPress Ajax Load More plugin <= 5.3.1 - Authenticated SQL Injection (SQLi) vulnerability

Patchstack

High 7.2

2021-03-18< 5.3.2

CVE-2021-24140

CVE Wordfence WPScan