The 3.3.8 update for free Relevanssi matches Relevanssi Premium 1.13.2 and is a maintenance release and generally recommended, as it fixes minor bugs and a possible XSS vulnerability.
- Fixed a bug that caused the results to change depending of the order of words in a multi-word search query.
recent_productsfrom WooCommerce to the list of blocked shortcodes.
- There are improvements in excerpt-building and highlighting, especially when fuzzy search is enabled.
- Fixed a possible (if quite unlikely) XSS vulnerability.
- Improved search performance (thanks to MikeNGarrett).
- Sometimes highlights in documents make the document content disappear. I don’t know why, but I’ve added a fix that should make the content visible (without the highlights) if a problem appears.
The XSS vulnerability is related to stopwords: the list of stopwords is printed out unescaped on the Relevanssi settings page in WP admin dashboard. There’s some potential for a XSS vulnerability there, but in order to attack this way, the attacker needs to have admin rights to your WP site in the first place. 1.13.2 fixes the vulnerability in any case.