Tag: CVE-2025-4396

All the articles with the tag "CVE-2025-4396".

[CVE-2025-4396] Unauthenticated SQL Injection in Relevanssi Gives Attackers a Direct Line to Your WordPress Database

13 May, 2025

A logic flaw in the popular Relevanssi search plugin lets anyone craft time-based SQL queries through public search parameters. The bug leaks or modifies WordPress data without needing an account.

[CVE-2025-4396] Unauthenticated SQL Injection in Relevanssi Gives Attackers a Direct Line to Your WordPress Database