Lucene search
+L

4 matches found

NVD
NVD
added 2024/04/09 7:15 p.m.21 views

CVE-2024-3213

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

8.2CVSS5.2AI score0.0081EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.31 views

CVE-2024-3213 Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

5.3CVSS5.5AI score0.0081EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.13 views

WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to Broken Access Control

Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4260d574a21e Credits Thura Moe Myint...

8.2CVSS6.6AI score0.0081EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.10 views

WordPress Relevanssi Plugin <= 4.22.1 is vulnerable to Broken Access Control

Software Relevanssi Type Plugin Vulnerable versions = 4.22.1 Fixed in 4.22.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8c3f0b93ac8a Credits Thura Moe Myint mgthuramoemyint...

8.2CVSS6.6AI score0.0081EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder