Posted on

Free 3.3.8

The 3.3.8 update for free Relevanssi matches Relevanssi Premium 1.13.2 and is a maintenance release and generally recommended, as it fixes minor bugs and a possible XSS vulnerability.

  • Fixed a bug that caused the results to change depending of the order of words in a multi-word search query.
  • Added product_categories and recent_products from WooCommerce to the list of blocked shortcodes.
  • There are improvements in excerpt-building and highlighting, especially when fuzzy search is enabled.
  • Fixed a possible (if quite unlikely) XSS vulnerability.
  • Improved search performance (thanks to MikeNGarrett).
  • Sometimes highlights in documents make the document content disappear. I don’t know why, but I’ve added a fix that should make the content visible (without the highlights) if a problem appears.

The XSS vulnerability is related to stopwords: the list of stopwords is printed out unescaped on the Relevanssi settings page in WP admin dashboard. There’s some potential for a XSS vulnerability there, but in order to attack this way, the attacker needs to have admin rights to your WP site in the first place. 1.13.2 fixes the vulnerability in any case.

3 comments Free 3.3.8

  1. We are using Relevanssi as a search engine for our site. However, it doesn’t seem to find numbers with an underscore inbetween. For example, if my post contains 2_46, and I try to search for 2_46, I get no results. I do get results if I just enter 46, but the combinations of number and underscore is a token that people will search for. Any ideas on how to make this work? Thanks.

      1. Thank you so much! I had found that page, but wasn’t sure it applied. I now see that it does, and it worked perfectly! Much appreciation to you.

Leave a Reply to Mikko Saari Cancel reply

Are you a Relevanssi Premium customer looking for support? Please use the Premium support form.

Your email address will not be published. Required fields are marked *