Relevanssi Relevanssi
11 CVEs affecting Relevanssi Relevanssi. Latest disclosed: 2024-10-08. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-10949 | High | 8.8 | 2019-09-13 | The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization. |
CVE-2017-1000225 | Medium | 6.1 | 2017-11-17 | Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can |
CVE-2017-1000038 | Medium | 6.1 | 2017-07-17 | WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site |
CVE-2024-3214 | Medium | 5.8 | 2024-04-09 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for u… |
CVE-2024-9021 | Medium | 5.4 | 2024-10-08 | In the process of testing the Relevanssi WordPress plugin before 4.23.1, a vulnerability was found that allows you to implement Stored XSS on behalf of the Co… |
CVE-2018-9034 | Medium | 5.4 | 2018-04-04 | Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScri… |
CVE-2024-7630 | Medium | 5.3 | 2024-08-16 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.22.2 (Free) and 2.25.1 (Pre… |
CVE-2024-3213 | Medium | 5.3 | 2024-04-09 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssi_up… |
CVE-2024-1380 | Medium | 5.3 | 2024-03-13 | The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_l… |
CVE-2023-7199 | Medium | 5.3 | 2024-01-29 | The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private post… |
CVE-2014-9443 | | 2015-01-02 | Cross-site scripting (XSS) vulnerability in the Relevanssi plugin before 3.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via… |