WordPress Relevanssi Premium plugin < 2.25.0 - Unauthenticated Private/Draft Post Disclosure vulnerability

Unauthenticated Private/Draft Post Disclosure vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Relevanssi Premium versions 2.25.0...

WordPress Relevanssi Premium plugin <= 2.25.0 - Missing Authorization to Unauthenticated Query Log Export vulnerability

Missing Authorization to Unauthenticated Query Log Export vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Relevanssi Premium versions = 2.25.0...

WordPress Relevanssi Premium plugin < 2.29.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi Premium versions 2.29.0...

CVE-2025-14719

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

CVE-2025-14719 Relevanssi (Free < 4.26.0, Premium < 2.29.0) - Contributor+ SQLi

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

WordPress plugin Relevanssi和WordPress plugin Relevanssi Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress Relevanssi Premium plugin <= 2.27.6 - Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability

Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability discovered by Jack Taylor in WordPress Plugin Relevanssi Premium versions = 2.27.6...

EUVD-2017-1494

Malware in sbrugna...

CVE-2017-1000225

Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssididyoumean could allow unauthenticated attacker to do almost anything an admin can...

CVE-2016-10949

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization...

WordPress Relevanssi Premium plugin <= 2.25.1 - Missing Authorization to Unauthenticated Count Option Update vulnerability

Missing Authorization to Unauthenticated Count Option Update vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...

WordPress Relevanssi Premium plugin <= 2.25.1 - Unauthenticated Second Order CSV Injection vulnerability

Unauthenticated Second Order CSV Injection vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...

WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to Broken Access Control

Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4260d574a21e Credits Thura Moe Myint...

WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to CSV Injection

Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2024-3214 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID c945697bfd2b Credits Thura Moe Myint mgthuramoemyint Required...

WordPress Relevanssi Premium Plugin < 2.25 is vulnerable to Sensitive Data Exposure

Software Relevanssi Premium Type Plugin Vulnerable versions 2.25 Fixed in 2.25 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 420edf018e9b Credits N/A Required privilege Unauthenticated...

WordPress Relevanssi Premium Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Relevanssi Premium plugin versions prior to 1.14.6.1. The...

CVE-2016-10949

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization...

CVE-2016-10949

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization...

Sql injection

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization...

CVE-2016-10949

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization...