Lucene search
+L

4 matches found

NVD
NVD
added 2024/04/09 7:15 p.m.31 views

CVE-2024-3214

The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...

9.8CVSS6AI score0.00769EPSS
Exploits0References2
CVE
CVE
added 2024/04/09 6:59 p.m.72 views

CVE-2024-3214

CVE-2024-3214 affects Relevanssi – A Better Search (WordPress) up to version 4.22.1. It allows unauthenticated CSV injection by embedding untrusted input in exported CSV files, with potential code execution when the CSV is opened in a vulnerable environment. The vulnerability is classified as una...

9.8CVSS9.3AI score0.00769EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.20 views

WordPress Relevanssi Plugin <= 4.22.1 is vulnerable to CSV Injection

Software Relevanssi Type Plugin Vulnerable versions = 4.22.1 Fixed in 4.22.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2024-3214 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 3b70af9574ea Credits Thura Moe Myint mgthuramoemyint Required privilege...

9.8CVSS6.9AI score0.00769EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/04/05 12:0 a.m.14 views

WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to CSV Injection

Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2024-3214 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID c945697bfd2b Credits Thura Moe Myint mgthuramoemyint Required...

9.8CVSS6.9AI score0.00769EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder