CVE-2024-3213 – Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update
https://notcve.org/view.php?id=CVE-2024-3213
The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssi_update_counts() function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive queries on the application that could lead into DOS. El complemento Relevanssi – A Better Search para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función relevanssi_update_counts() en todas las versiones hasta la 4.22.1 incluida. Esto hace posible que atacantes no autenticados ejecuten consultas costosas en la aplicación que podrían conducir a DOS. • https://github.com/xbz0n/CVE-2024-32136 https://plugins.trac.wordpress.org/browser/relevanssi/trunk/lib/admin-ajax.php#L443 https://plugins.trac.wordpress.org/changeset/3064304/relevanssi/tags/4.22.2/lib/admin-ajax.php https://www.wordfence.com/threat-intel/vulnerabilities/id/e625130f-8e21-4baf-9d3c-4cbb806b9e52?source=cve • CWE-862: Missing Authorization •
CVE-2024-3214 – Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection
https://notcve.org/view.php?id=CVE-2024-3214
The Relevanssi – A Better Search plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. El complemento Relevanssi – A Better Search para WordPress es vulnerable a la inyección CSV en todas las versiones hasta la 4.22.1 incluida. Esto hace posible que atacantes no autenticados incrusten datos no confiables en archivos CSV exportados, lo que puede resultar en la ejecución de código cuando estos archivos se descargan y abren en un sistema local con una configuración vulnerable. • https://plugins.trac.wordpress.org/changeset/3064304/relevanssi/tags/4.22.2/lib/log.php https://www.wordfence.com/threat-intel/vulnerabilities/id/9960bae9-6f19-49eb-8f24-fdde4933671e?source=cve • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVE-2023-7199 – Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
https://notcve.org/view.php?id=CVE-2023-7199
The Relevanssi WordPress plugin before 4.22.0, Relevanssi Premium WordPress plugin before 2.25.0 allows any unauthenticated user to read draft and private posts via a crafted request Los complementos Relevanssi de WordPress anterior a 4.22.0 y Relevanssi Premium de WordPress anterior a 2.25.0 permite a cualquier usuario no autenticado leer borradores y publicaciones privadas a través de una solicitud manipulada The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to insufficient limitation of a user controlled key in all versions up to, and including, 4.21.2 (Free) and < 2.25.0 (Premium). This makes it possible for unauthenticated attackers to view private and draft posts that may contain sensitive information. • https://wpscan.com/vulnerability/0c96a128-4473-41f5-82ce-94bba33ca4a3 https://www.relevanssi.com/release-notes/premium-2-25-free-4-22-release-notes • CWE-639: Authorization Bypass Through User-Controlled Key CWE-862: Missing Authorization •
CVE-2018-9034 – Relevanssi <= 4.0.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-9034
Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter. Vulnerabilidad de Cross-Site Scripting (XSS) en lib/interface.php en el plugin Relevanssi 4.0.4 para WordPress permite que atacantes remotos inyecten JavaScript o HTML arbitrarios mediante el parámetro GET. WordPress Relevanssi plugin version 4.0.4 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/44366 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1000225
https://notcve.org/view.php?id=CVE-2017-1000225
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an admin can Cross-Site Scripting (XSS) reflejado en Relevanssi Premium 1.14.8, cuando se utiliza la función relevanssi_didyoumean(), podría permitir que un atacante no autenticado haga prácticamente todo lo que puede hacer un administrador. • https://security.dxw.com/advisories/reflected-xss-in-relevanssi-premium-when-using-relevanssi_didyoumean-could-allow-unauthenticated-attacker-to-do-almost-anything-an-admin-can • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •