
CVE-2023-7199: CWE-639 Authorization Bypass Through User-Controlled Key in Unknown Relevanssi

Medium
Published: Mon Jan 29 2024 (01/29/2024, 14:44:19 UTC)
Source: CVE Database V5
Vendor/Project: Unknown
Product: Relevanssi

Description

The Relevanssi WordPress plugin before 4.22.0 and the Relevanssi Premium WordPress plugin before 2.25.0 allow any unauthenticated user to read draft and private posts via a crafted request.

AI-Powered Analysis

Last updated: 07/07/2025, 23:28:23 UTC

Technical Analysis

CVE-2023-7199 is a medium-severity vulnerability affecting the Relevanssi WordPress plugin versions prior to 4.22.0 and Relevanssi Premium versions prior to 2.25.0. It is classified under CWE-639, authorization bypass through a user-controlled key. The flaw allows any unauthenticated user to access draft and private posts by sending a crafted request. Draft and private posts are normally restricted to authorized users, but improper authorization checks in the affected plugin versions allow these restrictions to be bypassed. The vulnerability stems from the plugin's failure to properly validate user permissions before returning search results or content, which allows unauthorized disclosure of sensitive unpublished content.

Exploitation requires no authentication and no user interaction, and the attack vector is network-based, so the flaw can be exploited remotely over the internet. The CVSS v3.1 base score is 5.3 (medium), reflecting a low impact on confidentiality (partial disclosure of content), no impact on integrity or availability, and ease of exploitation because no privileges or user interaction are required. There are no known public exploits in the wild at the time of publication, and no official patches or updates are linked in the provided data; upgrading to Relevanssi 4.22.0 or Relevanssi Premium 2.25.0, or later, is the implied remediation path.

Potential Impact

For European organizations using WordPress sites with the Relevanssi plugin, this vulnerability poses a risk of unauthorized disclosure of sensitive internal content such as draft blog posts, internal announcements, or private communications. While the impact is limited to confidentiality and does not affect data integrity or system availability, the exposure of unpublished or private content can lead to reputational damage, leakage of sensitive business information, or violation of data privacy policies such as GDPR if personal data is inadvertently exposed. Organizations in sectors with strict confidentiality requirements—such as legal, financial, healthcare, and government—may face compliance risks if sensitive information is leaked. Additionally, attackers could use the disclosed information to facilitate further targeted attacks or social engineering campaigns. The fact that exploitation requires no authentication and no user interaction increases the risk, as automated scanning and exploitation attempts could be performed at scale. However, the lack of known exploits in the wild and the medium severity score suggest the threat is moderate but should be addressed promptly to prevent potential abuse.

Mitigation Recommendations

European organizations should immediately verify if their WordPress installations use the Relevanssi or Relevanssi Premium plugins and identify the plugin versions in use. The primary mitigation is to upgrade the plugin to version 4.22.0 or later for Relevanssi, and 2.25.0 or later for Relevanssi Premium, where the vulnerability is fixed. Until upgrades can be applied, organizations should consider disabling the plugin or restricting access to the WordPress search functionality provided by Relevanssi, especially for unauthenticated users. Implementing web application firewall (WAF) rules to detect and block suspicious crafted requests targeting the plugin’s search endpoints can provide temporary protection. Additionally, reviewing and tightening WordPress user role permissions and ensuring that draft and private posts are not inadvertently exposed through other plugins or themes is recommended. Regular security audits and monitoring of web server logs for unusual access patterns to draft/private content URLs can help detect exploitation attempts early. Organizations should also maintain an up-to-date inventory of plugins and monitor vulnerability disclosures to respond promptly to future threats.
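An added example (not part of the original advisory or of the plugin's code): a version check for the inventory step above, run over the JSON that `wp plugin list --format=json` prints. The `relevanssi-premium` slug and the sample inventory are assumptions constructed for illustration.

```python
import json
import re

# First fixed versions, as stated in the advisory text above.
FIXED = {
    "relevanssi": (4, 22, 0),
    "relevanssi-premium": (2, 25, 0),  # slug is an assumption
}

def parse_version(text):
    """Turn '4.21.2' into (4, 21, 2); return None if nothing numeric is found."""
    parts = []
    for piece in text.strip().split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    if not parts:
        return None
    return tuple((parts + [0, 0, 0])[:3])  # pad '4.22' to (4, 22, 0)

def audit(inventory_json):
    """Return (name, version, activation, verdict) for each Relevanssi entry."""
    findings = []
    for plugin in json.loads(inventory_json):
        fixed = FIXED.get(plugin.get("name"))
        if fixed is None:
            continue  # not a plugin covered by CVE-2023-7199
        raw = plugin.get("version") or ""
        parsed = parse_version(raw)
        if parsed is None:
            verdict = "unknown"  # no usable version string: review by hand
        else:
            verdict = "vulnerable" if parsed < fixed else "fixed"
        findings.append((plugin["name"], raw, plugin.get("status"), verdict))
    return findings

# Constructed sample of `wp plugin list --format=json` output.
SAMPLE = """[
  {"name": "akismet", "status": "active", "update": "none", "version": "5.3"},
  {"name": "relevanssi", "status": "active", "update": "available", "version": "4.21.2"},
  {"name": "relevanssi-premium", "status": "inactive", "update": "none", "version": "2.25.0"}
]"""

if __name__ == "__main__":
    for name, version, activation, verdict in audit(SAMPLE):
        print(f"{name} {version} ({activation}): {verdict}")
```

An entry reported as `vulnerable` but `inactive` is not loaded by WordPress, but it should still be upgraded or removed so it cannot be reactivated in its vulnerable state.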


Technical Details

Data Version: 5.1
Assigner Short Name: WPScan
Date Reserved: 2024-01-02T12:00:34.810Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 68387d4f182aa0cae28316b4

Added to database: 5/29/2025, 3:29:19 PM

Last enriched: 7/7/2025, 11:28:23 PM

Last updated: 7/30/2025, 8:08:50 PM
