Vulnerabilities > Relevanssi

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-29	CVE-2023-7199	Authorization Bypass Through User-Controlled Key vulnerability in Relevanssi The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request network low complexity relevanssi CWE-639	5.3
2019-09-13	CVE-2016-10949	SQL Injection vulnerability in Relevanssi The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization. network low complexity relevanssi CWE-89	8.8
2018-04-04	CVE-2018-9034	Cross-site Scripting vulnerability in Relevanssi Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter. network low complexity relevanssi CWE-79	5.4
2017-11-17	CVE-2017-1000225	Cross-site Scripting vulnerability in Relevanssi 1.14.8 Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can network low complexity relevanssi CWE-79	6.1
2017-07-17	CVE-2017-1000038	Cross-site Scripting vulnerability in Relevanssi 3.5.7.1 WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker being able to execute JavaScript on the affected site network low complexity relevanssi CWE-79	6.1

Vulnerabilities > Relevanssi {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Relevanssi"}]}