CVE-2025-14719

Relevanssi (Free < 4.26.0, Premium < 2.29.0) - Contributor+ SQLi

Description

The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks

INFO

Published Date :

2026-01-07T06:00:09.066Z

Last Modified :

2026-01-07T16:12:07.677Z

Source :

WPScan

AFFECTED PRODUCTS

The following products are affected by CVE-2025-14719 vulnerability.

Vendors	Products
Wordpress	Wordpress

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-14719.

URL	Resource
https://wpscan.com/vulnerability/bd8e27c7-8f97-4313-b16e-50ac6f0676f5/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact