Page 2 of 7 results (0.004 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization. El plugin Relevanssi Premium versiones anteriores a 1.14.6.1 para WordPress, presenta una inyección SQL con una deserialización no segura resultante. • https://advisories.dxw.com/advisories/sql-injection-and-unserialization-vulnerability-in-relevanssi-premium-could-allow-admins-to-execute-arbitrary-code-in-some-circumstances • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in the Relevanssi plugin before 3.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el plugin Relevanssi anterior a 3.3.8 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://secunia.com/advisories/61744 https://wordpress.org/plugins/relevanssi/changelog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •