exploitDog

GHSA-xxq2-fm9w-xjv8

Опубликовано: 07 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 4.9

Описание

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks

Ссылки

EPSS

Процентиль: 9%

0.00031

Низкий

4.9 Medium

CVSS3

CVE ID

Связанные уязвимости

CVE-2025-14719

CVSS3: 4.9

nvd

28 дней назад

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks

EPSS

Процентиль: 9%

0.00031

Низкий

4.9 Medium

CVSS3

CVE ID