CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

May 31, 2025

CVE ID : CVE-2025-5016

Published : May 31, 2025, 4:15 a.m. | 1 hour, 27 minutes ago

Description : The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Excerpt Highlights in all versions up to, and including, 4.24.5 (Free) and 2.27.6 (Premium) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5368 – PHPGurukul Daily Expense Tracker System SQL Injection Vulnerability

Next Article CVE-2025-5367 – “PHPGurukul Online Shopping Portal SQL Injection Vulnerability”

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

Report: 71% of tech leaders won’t hire devs without AI skills

Could OpenAI’s rumored browser be a Chrome-killer? Here’s what I’m expecting

My favorite lens and screen-cleaning kit keeps my tech spotless, and it only costs $8

AI’s biggest impact on your workforce is still to come – 3 ways to avoid getting left behind

Remedy offers update on ‘FBC: Firebreak,’ details coming improvements — “We’ve seen many players come into the game and leave within the first hour.”

The details of TC39’s last meeting

The details of TC39’s last meeting

Online Examination System using PHP and MySQL

A tricky, educational quiz: it’s about time..

CAD Sketcher – constraint-based geometry sketcher

CAD Sketcher – constraint-based geometry sketcher

7 Best Free and Open Source Linux FTP Servers

Best Free and Open Source Alternatives to Autodesk FBX Review

CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

TUXEDO InfinityBook Pro 14 Gen10: il nuovo portatile Linux con AMD Ryzen AI 300

CVE-2025-24759 – WordPress Business Directory Plugins SQL Injection Vulnerability

CVE-2025-28354 – Entrust Corp Printer Manager Directory Traversal

Don’t miss out on the best ROG Ally accessory deals going on now — Improve your gaming handheld PC with a microSD card, power bank, dock, and more

Debian 13 ‘Trixie’: What’s New in the Next Linux Powerhouse

CVE-2025-37796 – “Linux Kernel WiFi at76c50x Use After Free”

CVE-2025-26691 – OpenHarmony Information Leak

CVE-2025-4025 – iSourcecode Placement Management System SQL Injection

CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

Related Posts