190 matches found
WordPress Relevanssi plugin <= 4.22.2 - Unauthenticated Information Exposure vulnerability
Unauthenticated Information Exposure vulnerability discovered by stealthcopter in WordPress Plugin Relevanssi versions = 4.22.2...
WordPress plugin Relevanssi 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress Relevanssi Plugin <= 4.22.2 is vulnerable to Sensitive Data Exposure
Software Relevanssi Type Plugin Vulnerable versions = 4.22.2 Fixed in 4.23.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7630 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cdb75757e257 Credits stealthcopter Required...
PT-2024-38465 · WordPress · Relevanssi
Name of the Vulnerable Software and Affected Versions: The Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.2 Description: The issue allows unauthenticated attackers to extract potentially sensitive information from password protected posts due to insufficient...
CVE-2024-3213
The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...
CVE-2024-3213
The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...
CVE-2024-3214
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...
CVE-2024-3213
CVE-2024-3213 affects the Relevanssi – A Better Search WordPress plugin. A missing capability check in relevanssi_update_counts() allows unauthenticated users to trigger expensive queries, leading to denial of service. Affected versions include up to 4.22.1. The issue is acknowledged in Red Hat a...
CVE-2024-3213
The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...
CVE-2024-3214
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...
CVE-2024-3214
CVE-2024-3214 affects Relevanssi – A Better Search (WordPress) up to version 4.22.1. It allows unauthenticated CSV injection by embedding untrusted input in exported CSV files, with potential code execution when the CSV is opened in a vulnerable environment. The vulnerability is classified as una...
CVE-2024-3214 Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...
WordPress Plugin Relevanssi 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Plugin Relevanssi 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-24435 · WordPress · Relevanssi
Name of the Vulnerable Software and Affected Versions: Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.1 Description: The issue allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these...
PT-2024-24424 · WordPress · Relevanssi
Name of the Vulnerable Software and Affected Versions: The Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.1 Description: The issue allows unauthorized modification of data due to a missing capability check on the relevanssi update counts function. This makes...
WordPress Relevanssi Premium plugin <= 2.25.1 - Missing Authorization to Unauthenticated Count Option Update vulnerability
Missing Authorization to Unauthenticated Count Option Update vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...
WordPress Relevanssi plugin <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update vulnerability
Missing Authorization to Unauthenticated Count Option Update vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi versions = 4.22.1...
WordPress Relevanssi Premium plugin <= 2.25.1 - Unauthenticated Second Order CSV Injection vulnerability
Unauthenticated Second Order CSV Injection vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...
WordPress Relevanssi plugin <= 4.22.1 - Unauthenticated Second Order CSV Injection vulnerability
Unauthenticated Second Order CSV Injection vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi versions = 4.22.1...