CVE-2024-3213 is a vulnerability classified under CWE-862 (Missing Authorization) found in the Relevanssi – A Better Search (Pro) WordPress plugin, which is widely used to enhance search functionality on WordPress sites. The vulnerability exists because the relevanssi_update_counts() function lacks proper capability checks, meaning it does not verify whether the caller has the necessary permissions to execute this function. As a result, unauthenticated attackers can invoke this function to perform resource-intensive search queries. These expensive queries can overload the server, leading to denial-of-service (DoS) conditions that degrade or disrupt the availability of the affected website. The vulnerability affects all versions up to and including 4.22.1. The CVSS v3.1 base score is 5.3, reflecting a medium severity level, with an attack vector of network (remote), low attack complexity, no privileges required, and no user interaction needed. The scope is unchanged, and the impact affects integrity (unauthorized modification potential) but not confidentiality or availability directly. No patches or fixes have been officially published at the time of this report, and no known exploits have been observed in the wild. The vulnerability poses a risk primarily to WordPress sites using this plugin, especially those exposed to the internet without additional protective controls.

The primary impact of CVE-2024-3213 is the potential for denial-of-service attacks against WordPress sites using the Relevanssi plugin. By allowing unauthenticated users to execute expensive search queries, attackers can exhaust server CPU and memory resources, leading to degraded performance or complete service outages. This can disrupt business operations, reduce user trust, and cause financial losses due to downtime. Additionally, the missing authorization check means unauthorized users could attempt to modify data counts, potentially affecting the integrity of search-related data or analytics. While the vulnerability does not directly expose sensitive data or allow full system compromise, the availability impact can be significant for high-traffic or critical websites. Organizations relying on this plugin for search functionality may face increased risk of service disruption, especially if their infrastructure lacks robust rate limiting or web application firewall protections.

To mitigate CVE-2024-3213, organizations should first verify if they are using the Relevanssi – A Better Search (Pro) plugin and identify the version in use. Immediate mitigation steps include: 1) Restricting access to the affected function by implementing web application firewall (WAF) rules that detect and block suspicious or excessive search query patterns targeting relevanssi_update_counts(). 2) Applying rate limiting on search endpoints to prevent abuse by unauthenticated users. 3) Temporarily disabling the plugin or the specific functionality if feasible until an official patch is released. 4) Monitoring server performance and logs for unusual spikes in search query activity that could indicate exploitation attempts. 5) Keeping WordPress core and all plugins updated, and subscribing to vendor advisories for timely patch releases. 6) If possible, applying custom code to add capability checks around relevanssi_update_counts() to enforce authorization. These steps go beyond generic advice by focusing on immediate protective controls and monitoring tailored to the nature of this vulnerability.