Lucene search
K

190 matches found

Patchstack
Patchstack
added 2024/08/16 1:31 a.m.6 views

WordPress Relevanssi plugin <= 4.22.2 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by stealthcopter in WordPress Plugin Relevanssi versions = 4.22.2...

7.5CVSS7AI score0.00478EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/08/16 12:0 a.m.5 views

WordPress plugin Relevanssi 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.5CVSS6.1AI score0.00478EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/16 12:0 a.m.11 views

WordPress Relevanssi Plugin <= 4.22.2 is vulnerable to Sensitive Data Exposure

Software Relevanssi Type Plugin Vulnerable versions = 4.22.2 Fixed in 4.23.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7630 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cdb75757e257 Credits stealthcopter Required...

7.5CVSS6.6AI score0.00478EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.6 views

PT-2024-38465 · WordPress · Relevanssi

Name of the Vulnerable Software and Affected Versions: The Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.2 Description: The issue allows unauthenticated attackers to extract potentially sensitive information from password protected posts due to insufficient...

7.5CVSS6.9AI score0.00478EPSS
Exploits0References8
OSV
OSV
added 2024/04/09 7:15 p.m.6 views

CVE-2024-3213

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

8.2CVSS5.9AI score0.0081EPSS
Exploits0References3
NVD
NVD
added 2024/04/09 7:15 p.m.21 views

CVE-2024-3213

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

8.2CVSS5.2AI score0.0081EPSS
Exploits0References3
NVD
NVD
added 2024/04/09 7:15 p.m.31 views

CVE-2024-3214

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...

9.8CVSS6AI score0.00769EPSS
Exploits0References2
CVE
CVE
added 2024/04/09 6:59 p.m.65 views

CVE-2024-3213

CVE-2024-3213 affects the Relevanssi – A Better Search WordPress plugin. A missing capability check in relevanssi_update_counts() allows unauthenticated users to trigger expensive queries, leading to denial of service. Affected versions include up to 4.22.1. The issue is acknowledged in Red Hat a...

8.2CVSS6.2AI score0.0081EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/09 6:59 p.m.15 views

CVE-2024-3213

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

5.3CVSS5.3AI score0.0081EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/09 6:59 p.m.14 views

CVE-2024-3214

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...

5.8CVSS7.5AI score0.00769EPSS
Exploits0References2
CVE
CVE
added 2024/04/09 6:59 p.m.71 views

CVE-2024-3214

CVE-2024-3214 affects Relevanssi – A Better Search (WordPress) up to version 4.22.1. It allows unauthenticated CSV injection by embedding untrusted input in exported CSV files, with potential code execution when the CSV is opened in a vulnerable environment. The vulnerability is classified as una...

9.8CVSS9.3AI score0.00769EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.33 views

CVE-2024-3214 Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...

5.8CVSS6.3AI score0.00769EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

WordPress Plugin Relevanssi 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.8CVSS8.6AI score0.00769EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.5 views

WordPress Plugin Relevanssi 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.2CVSS8.2AI score0.0081EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.9 views

PT-2024-24435 · WordPress · Relevanssi

Name of the Vulnerable Software and Affected Versions: Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.1 Description: The issue allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these...

9.8CVSS9.8AI score0.00769EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.8 views

PT-2024-24424 · WordPress · Relevanssi

Name of the Vulnerable Software and Affected Versions: The Relevanssi – A Better Search plugin for WordPress versions up to, and including, 4.22.1 Description: The issue allows unauthorized modification of data due to a missing capability check on the relevanssi update counts function. This makes...

8.2CVSS9.6AI score0.0081EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/05 12:46 a.m.7 views

WordPress Relevanssi Premium plugin <= 2.25.1 - Missing Authorization to Unauthenticated Count Option Update vulnerability

Missing Authorization to Unauthenticated Count Option Update vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...

8.2CVSS7AI score0.0081EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:45 a.m.6 views

WordPress Relevanssi plugin <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update vulnerability

Missing Authorization to Unauthenticated Count Option Update vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi versions = 4.22.1...

8.2CVSS7AI score0.0081EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:44 a.m.5 views

WordPress Relevanssi Premium plugin <= 2.25.1 - Unauthenticated Second Order CSV Injection vulnerability

Unauthenticated Second Order CSV Injection vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi Premium versions = 2.25.1...

9.8CVSS7.3AI score0.00769EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:43 a.m.4 views

WordPress Relevanssi plugin <= 4.22.1 - Unauthenticated Second Order CSV Injection vulnerability

Unauthenticated Second Order CSV Injection vulnerability discovered by Thura Moe Myint mgthuramoemyint in WordPress Plugin Relevanssi versions = 4.22.1...

9.8CVSS7.3AI score0.00769EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder