Relevanssi – A Better Search

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Relevanssi – A Better Search

Information

Software Type Plugin
Software Slug relevanssi (view on wordpress.org)
Software Status Active
Software Author msaari
Software Website www.relevanssi.com
Software Downloads 6,487,541
Software Active Installs 100,000
Software Record Last Updated May 3, 2024

11 Vulnerabilities

Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update
5.3
CVE-2024-3213
Apr 4, 2024
Researcher: Thura Moe Myint (mgthuramoemyint)
Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection
5.8
CVE-2024-3214
Apr 4, 2024
Researcher: Thura Moe Myint (mgthuramoemyint)
Relevanssi – A Better Search <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export
5.3
CVE-2024-1380
Feb 22, 2024
Researcher: Krzysztof Zając
Relevanssi <= 4.21.2 (Free) and < 2.25.0 (Premium) - Missing Authorization to Unauthorized Post Access
5.3
CVE-2023-7199
Jan 4, 2024
Researcher: Krzysztof Zając
Relevanssi – A Better Search < 4.14.6 & Relevanssi – A Better Search Pro < 2.16.5 - Missing Authorization
6.3
CVE ID Unknown
Feb 15, 2022
Researcher: Jan w Oleju
Relevanssi - A Better Search Free & Premium <= 2.16.3 & 4.14.3 - Stored Cross-Site Scripting
7.2
CVE ID Unknown
Oct 19, 2021
Researcher: msaari
Relevanssi <= 3.6.0 - Authenticated (Admin+) SQL Injection
8.7
CVE ID Unknown
Apr 10, 2018
Researcher: dwxsupport
Relevanssi <= 4.0.4 - Cross-Site Scripting
5.4
CVE-2018-9034
Mar 30, 2018
Researchers:
Relevanssi – A Better Search <= 3.5.7.1 - Stored Cross-Site Scripting
6.1
CVE-2017-1000038
Feb 28, 2017
Researcher: Mallory Adams
Relevanssi – A Better Search < 3.3.8 - Cross-Site Scripting
6.1
CVE-2014-9443
Jan 3, 2015
Researchers:
Relevanssi <= 3.3 - SQL Injection
9.8
CVE ID Unknown
Feb 25, 2014
Researchers:
Title CVE ID CVSS Researchers Date
Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update CVE-2024-3213 5.3 Thura Moe Myint (mgthuramoemyint) April 4, 2024
Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection CVE-2024-3214 5.8 Thura Moe Myint (mgthuramoemyint) April 4, 2024
Relevanssi – A Better Search <= 4.22.0 - Missing Authorization to Unauthenticated Query Log Export CVE-2024-1380 5.3 Krzysztof Zając February 22, 2024
Relevanssi <= 4.21.2 (Free) and < 2.25.0 (Premium) - Missing Authorization to Unauthorized Post Access CVE-2023-7199 5.3 Krzysztof Zając January 4, 2024
Relevanssi – A Better Search < 4.14.6 & Relevanssi – A Better Search Pro < 2.16.5 - Missing Authorization 6.3 Jan w Oleju February 15, 2022
Relevanssi - A Better Search Free & Premium <= 2.16.3 & 4.14.3 - Stored Cross-Site Scripting 7.2 msaari October 19, 2021
Relevanssi <= 3.6.0 - Authenticated (Admin+) SQL Injection 8.7 dwxsupport April 10, 2018
Relevanssi <= 4.0.4 - Cross-Site Scripting CVE-2018-9034 5.4 March 30, 2018
Relevanssi – A Better Search <= 3.5.7.1 - Stored Cross-Site Scripting CVE-2017-1000038 6.1 Mallory Adams February 28, 2017
Relevanssi – A Better Search < 3.3.8 - Cross-Site Scripting CVE-2014-9443 6.1 January 3, 2015
Relevanssi <= 3.3 - SQL Injection 9.8 February 25, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation