Lucene search

CVE-2023-1028

🗓️ 28 Feb 2023 13:10:15Reported by WordfenceType

The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3 due to missing or incorrect nonce validation

Reporter	Title	Published	Views	Family All 5
Vulnrichment	CVE-2023-1028	28 Feb 202312:53	–	vulnrichment
Cvelist	CVE-2023-1028	28 Feb 202312:53	–	cvelist
Prion	Cross site request forgery (csrf)	28 Feb 202313:15	–	prion
NVD	CVE-2023-1028	28 Feb 202313:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (Feb 20, 2023 to Feb 26, 2023)	2 Mar 202314:49	–	wordfence

Nvd

Vulners

Node

joomunited wp_meta_seoRange≤4.5.3wordpress

[
  {
    "vendor": "joomunited",
    "product": "WP Meta SEO",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "4.5.3",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/6b978749-7ea5-45f4-9f69-66a19c0e39ca
plugins	www.plugins.trac.wordpress.org/changeset/2870465/wp-meta-seo/trunk
plugins	www.plugins.trac.wordpress.org/changeset/2870465/wp-meta-seo/tags/4.5.4/inc/class.metaseo-admin.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Feb 2023 13:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS34.3

EPSS0.00111

SSVC