Medium severity5.3NVD Advisory· Published Aug 28, 2024· Updated Apr 15, 2026
CVE-2024-7573
CVE-2024-7573
Description
The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. This is due to insufficient validation of input supplied via POST data in the 'search' function. This makes it possible for unauthenticated attackers to inject arbitrary arguments into a WP_Query query and potentially expose sensitive information such as attachments or private posts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.4+ 1 more
- (no CPE)range: <=2.4
- (no CPE)range: <=2.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.