History: Jan 17, 2022 - 1:00 p.m.

CVE-2021-25037 All In One SEO < 4.1.5.3 - Authenticated SQL Injection

2022-01-17 13:00:36
CWE-89
WPScan
www.cve.org
7
cve-2021
all in one seo
authenticated
sql injection
wordpress
plugin
jetpack scan
database

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

46.8%

The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).

CNA Affected

[
  {
    "product": "All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "4.1.3.1*",
        "status": "affected",
        "version": "4.1.3.1",
        "versionType": "custom"
      },
      {
        "lessThan": "4.1.5.3",
        "status": "affected",
        "version": "4.1.5.3",
        "versionType": "custom"
      }
    ]
  }
]
