Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Relevanssi — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting Relevanssi. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Relevanssi is a WordPress search plugin that enhances default search functionality with advanced features. Historically, it has been vulnerable to multiple security issues including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities, primarily stemming from insufficient input validation and improper access controls. The plugin's 7 recorded CVEs highlight these recurring security challenges, with several critical flaws allowing attackers to execute arbitrary code or compromise site integrity. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities underscores the importance of regular updates and careful implementation for users relying on this search enhancement tool.

Top products by Relevanssi: Relevanssi Premium
CVE IDTitleCVSSSeverityPublished
CVE-2025-5016 Relevanssi <= 4.24.5 (Free) and <= 2.27.6 (Premium) - Unauthenticated Stored Cross-Site Scripting via Excerpt Highlights — Relevanssi PremiumCWE-79 4.7 Medium2025-05-31
CVE-2025-4396 Relevanssi <= 4.24.4 (Free) and <= 2.27.5 (Premium) - Unauthenticated SQL Injection — Relevanssi PremiumCWE-89 7.5 High2025-05-13
CVE-2025-4054 Relevanssi <= 4.24.3 (Free) and <= 2.27.4 (Premium) - Unauthenticated Stored Cross-Site Scripting via Search Highlights — Relevanssi PremiumCWE-79 6.1 Medium2025-05-07
CVE-2024-7630 Relevanssi <= 4.22.2 (Free) and <= 2.25.1 (Premium) - Unauthenticated Information Exposure — Relevanssi PremiumCWE-200 5.3 Medium2024-08-16
CVE-2024-3213 Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update — Relevanssi PremiumCWE-862 5.3 Medium2024-04-09
CVE-2024-3214 Relevanssi – A Better Search <= 4.22.1 - Unauthenticated Second Order CSV Injection — Relevanssi PremiumCWE-1236 5.8 Medium2024-04-09
CVE-2024-1380 Relevanssi – A Better Search <= 4.22.0 (Free) and <= 2.25.0 (Premium) - Missing Authorization to Unauthenticated Query Log Export — Relevanssi PremiumCWE-862 5.3 Medium2024-03-13

This page lists every published CVE security advisory associated with Relevanssi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.