Relevanssi Premium 1.14.6 and Relevanssi 3.5.6 are important security updates. There’s a SQL injection vulnerability in Relevanssi. It’s not terribly dangerous, as it requires admin access, but it is possible to exploit. Premium also has another security vulnerability: the option import option can be exploited. That exploit also requires admin access.
Both of these vulnerabilities are fixed in these updates.
These updates also fix a small problem where Relevanssi didn’t highlight terms that were followed by a ?, ! or an apostrophe. There’s also a new filter hook
relevanssi_ok_to_log that makes it easier to control query logging.