Relevanssi <= 4.24.4 (Free) - Unauthenticated SQL Injection

The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats and tags query parameters in all versions up to, and including, 4.24.4 Free and = 2.27.4 Premium due to insufficient escaping on the user supplied parameter and lack of sufficient...

PT-2025-20826

Name of the Vulnerable Software and Affected Versions Relevanssi – A Better Search plugin for WordPress versions 4.24.4 and earlier Free and versions 2.27.4 and earlier Premium Description The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection via the cats...

CVE-2023-7199 Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure

The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request...