Relevanssi Premium 1.14.6 and Relevanssi 3.5.6 are important security updates. There’s a SQL injection vulnerability in Relevanssi. It’s not terribly dangerous, as it requires admin access, but it is possible to exploit. Premium also has another security vulnerability: the option import option can be exploited. That exploit also requires admin access.
Both of these vulnerabilities are fixed in these updates.
These updates also fix a small problem where Relevanssi didn’t highlight terms that were followed by a ?, ! or an apostrophe. There’s also a new filter hook relevanssi_ok_to_log that makes it easier to control query logging.
The free version can be downloaded from the repository, Premium can be downloaded through automatic updates or from the download page.
This update broke all 5 sites I applied it to. No search results in most cases, PHP errors on front end in a few cases.
Yes, it did. Please download the new update, that’ll fix the problem.