Lucene search
JpcertCVE-2015-0902HistoryApr 03, 2015 - 10:59 a.m.
CVE-2015-0902
2015-04-0310:59:08
CWE-200
jpcert
web.nvd.nist.gov
149
cve-2015-0902
semper fi
all in one seo pack
wordpress
password protection
sensitive information
html
remote attackers
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
70.3%
The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.
Affected configurations
Node
semperfiwebdesignall_in_one_seo_packRange≤2.2.5.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| semperfiwebdesign | all_in_one_seo_pack | * | cpe:2.3:a:semperfiwebdesign:all_in_one_seo_pack:*:*:*:*:*:wordpress:*:* |
Related
patchstack
patchstack
WordPress All in One SEO Pack Plugin <= 2.2.5 - Information Management
2015-01-08 00:00:00
cvelist
cvelist
CVE-2015-0902
2015-04-03 10:00:00
prion
prion
Design/Logic Flaw
2015-04-03 10:59:00
jvn
jvn
JVN#75615300: All in One SEO Pack information management vulnerability
2015-03-31 00:00:00
wpvulndb
wpvulndb
All in One SEO Pack <= 2.2.5.1 - Information Disclosure
2015-03-31 00:00:00
nvd
nvd
CVE-2015-0902
2015-04-03 10:59:08
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
70.3%
Related for CVE-2015-0902