Filtered by vendor Relevanssi Subscriptions
Filtered by product Relevanssi Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-1000225 1 Relevanssi 1 Relevanssi 2024-09-17 N/A
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can
CVE-2014-9443 1 Relevanssi 1 Relevanssi 2024-09-16 N/A
Cross-site scripting (XSS) vulnerability in the Relevanssi plugin before 3.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2024-7630 1 Relevanssi 1 Relevanssi 2024-08-19 5.3 Medium
The Relevanssi – A Better Search plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.22.2 via the relevanssi_do_query() due to insufficient limitations on the posts that are returned when searching. This makes it possible for unauthenticated attackers to extract potentially sensitive information from password protected posts.
CVE-2016-10949 1 Relevanssi 1 Relevanssi 2024-08-06 8.8 High
The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization.
CVE-2017-1000038 1 Relevanssi 1 Relevanssi 2024-08-05 N/A
WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site
CVE-2018-9034 1 Relevanssi 1 Relevanssi 2024-08-05 N/A
Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter.
CVE-2023-7199 1 Relevanssi 1 Relevanssi 2024-08-02 5.3 Medium
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request