Relevanssi <= 4.24.4 (Free) - Unauthenticated SQL Injection

The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 Free and = 2.27.4 Premium due to insufficient escaping on the user supplied parameter and lack of sufficient...

Relevanssi (A Better Search) <= 4.22.0 - Query Log Export

The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. id: CVE-2024-1380 info: name: Relevanssi A...

Exploit for CVE-2025-4396

CVE-2025-4396 Exploit: Relevanssi SQL Injection Time-Based...

Exploit for CVE-2025-4396

CVE-2025-4396 - WordPress Relevanssi Time-Based Blind SQL Inje...

WordPress Relevanssi Premium plugin < 2.25.0 - Unauthenticated Private/Draft Post Disclosure vulnerability

Unauthenticated Private/Draft Post Disclosure vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Relevanssi Premium versions 2.25.0...

WordPress Relevanssi plugin < 4.22.0 - Unauthenticated Private/Draft Post Disclosure vulnerability

Unauthenticated Private/Draft Post Disclosure vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Relevanssi versions 4.22.0...

WordPress Relevanssi Premium plugin <= 2.25.0 - Missing Authorization to Unauthenticated Query Log Export vulnerability

Missing Authorization to Unauthenticated Query Log Export vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Relevanssi Premium versions = 2.25.0...

WordPress Relevanssi plugin <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export vulnerability

Missing Authorization to Unauthenticated Query Log Export vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin Relevanssi versions = 4.22.0...

VulnCheck KEV: CVE-2025-4396

The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 Free and = 2.27.5 Premium due to insufficient escaping on the user supplied parameter and lack of sufficient...

WordPress Relevanssi Premium plugin < 2.29.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi Premium versions 2.29.0...

WordPress Relevanssi plugin < 4.26.0 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Drew Webber mcdruid in WordPress Plugin Relevanssi versions 4.26.0...

CVE-2025-14719

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

CVE-2025-14719

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

CVE-2025-14719 Relevanssi (Free < 4.26.0, Premium < 2.29.0) - Contributor+ SQLi

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

CVE-2025-14719

CVE-2025-14719 : Relevanssi Free (&lt;4.26.0) and Relevanssi Premium (

CVE-2025-14719 Relevanssi (Free < 4.26.0, Premium < 2.29.0) - Contributor+ SQLi

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...

WordPress plugin Relevanssi和WordPress plugin Relevanssi Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2026-1561

Name of the Vulnerable Software and Affected Versions Relevanssi WordPress plugin versions prior to 4.26.0 Relevanssi Premium WordPress plugin versions prior to 2.29.0 Description The Relevanssi and Relevanssi Premium WordPress plugins do not properly sanitize and escape a parameter before its us...

WordPress Relevanssi <= 4.24.5 - Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability

Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability discovered by Jack Taylor in WordPress Plugin Relevanssi versions = 4.24.5...

WordPress Relevanssi Premium plugin <= 2.27.6 - Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability

Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights vulnerability discovered by Jack Taylor in WordPress Plugin Relevanssi Premium versions = 2.27.6...