Full Disclosure

SQL injection and unserialization vulnerability in Relevanssi Premium could allow admins to execute arbitrary code (in some circumstances) (WordPress plugin)

November 18, 2016 007admin Leave a comment

Posted by dxw Security on Nov 18

Details
================
Software: Relevanssi Premium
Version: v1.14.4
Homepage: https://www.relevanssi.com/
Advisory report:
https://security.dxw.com/advisories/sql-injection-and-unserialization-vulnerability-in-relevanssi-premium-could-allow-admins-to-execute-arbitrary-code-in-some-circumstances/
CVE: Awaiting assignment
CVSS: 9 (High; AV:N/AC:L/Au:S/C:C/I:C/A:C)

Description
================
SQL injection and unserialization vulnerability in…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information