cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7630,https://securityvulnerability.io/vulnerability/CVE-2024-7630,Unauthorized Access to Password Protected Posts via Search Query,"The Relevanssi – A Better Search plugin for WordPress has a vulnerability that allows for information exposure due to insufficient query limitations in the relevanssi_do_query() function. This flaw affects all versions up to and including 4.22.2, enabling unauthenticated attackers to extract potentially sensitive information from posts that are typically password protected. Organizations using this plugin should assess their exposure and implement necessary safeguards to mitigate unauthorized data access.",Wordpress,Relevanssi – A Better Search,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,false,false,2024-08-16T01:59:56.829Z,0
CVE-2024-3213,https://securityvulnerability.io/vulnerability/CVE-2024-3213,Unauthorized Data Modification Vulnerability in Relevanssi's Better Search Plugin for WordPress,"The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssi_update_counts() function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive queries on the application that could lead into DOS.",Wordpress,"Relevanssi – A Better Search (pro),Relevanssi – A Better Search",5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-04-09T18:59:30.531Z,0
CVE-2024-3214,https://securityvulnerability.io/vulnerability/CVE-2024-3214,CSV Injection Vulnerability in Relevanssi Plugin for WordPress,"The Relevanssi – A Better Search plugin for WordPress is susceptible to a CSV Injection vulnerability in all versions up to and including 4.22.1. This flaw allows unauthenticated attackers to insert malicious inputs into exported CSV files. When these files are downloaded and opened in a vulnerable local environment, it can lead to unauthorized code execution, posing significant security risks. Users of the affected versions are strongly advised to upgrade to version 4.22.2 or later to mitigate this vulnerability.",Wordpress,"Relevanssi – A Better Search (pro),Relevanssi – A Better Search",9.8,CRITICAL,0.0008399999933317304,false,,false,false,false,,false,false,2024-04-09T18:59:07.972Z,0
CVE-2024-1380,https://securityvulnerability.io/vulnerability/CVE-2024-1380,Unauthorized Access to Query Log Data Due to Missing Capability Check,"The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relevanssi_export_log_check() function in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. The vendor has indicated that they may look into adding a capability check for proper authorization control, however, this vulnerability is theoretically patched as is.",Wordpress,Relevanssi – A Better Search,5.3,MEDIUM,0.000590000010561198,false,,false,false,true,true,false,false,2024-03-13T15:26:58.390Z,0