4 matches found
CVE-2024-3214
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are...
CVE-2024-3214
CVE-2024-3214 affects Relevanssi – A Better Search (WordPress) up to version 4.22.1. It allows unauthenticated CSV injection by embedding untrusted input in exported CSV files, with potential code execution when the CSV is opened in a vulnerable environment. The vulnerability is classified as una...
WordPress Relevanssi Plugin <= 4.22.1 is vulnerable to CSV Injection
Software Relevanssi Type Plugin Vulnerable versions = 4.22.1 Fixed in 4.22.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2024-3214 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 3b70af9574ea Credits Thura Moe Myint mgthuramoemyint Required privilege...
WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to CSV Injection
Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A1: Injection Classification CSV Injection CVE CVE-2024-3214 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID c945697bfd2b Credits Thura Moe Myint mgthuramoemyint Required...