added remediation

patch-4
Dhiyaneshwaran 2024-06-05 13:16:41 +05:30 committed by GitHub
parent dba6004666
commit ce1973b1d1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions

View File

@ -6,6 +6,7 @@ info:
severity: medium
description: |
The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data.
remediation: Fixed in 4.22.1
reference:
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3033880%40relevanssi&new=3033880%40relevanssi&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/7b2a3b17-0551-4e02-8e6a-ae8d46da0ef8?source=cve