Lucene search
K

128 matches found

NVD
NVD
added 2026/05/20 5:16 a.m.40 views

CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

4.3CVSS0.00285EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 3:28 a.m.14 views

EUVD-2026-31059

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

4.3CVSS5.8AI score0.00285EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 3:28 a.m.43 views

CVE-2026-5075 All in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via 'internalOptions' Localized Script Data

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

4.3CVSS0.00285EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 3:28 a.m.14 views

CVE-2026-5075

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

4.3CVSS5.8AI score0.00285EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/30 8:24 a.m.7 views

WordPress All in One SEO plugin < 4.6.1.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmtirii Ignatyev in WordPress Plugin All In One SEO Pack versions 4.6.1.1...

6.1CVSS5.9AI score0.00369EPSS
Exploits2References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/17 5:22 a.m.11 views

CVE-2025-14384

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /aioseo/v1/ai/credits REST route in all versions up to, and including, 4.9.2. This makes it possible for...

4.3CVSS5AI score0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/16 4:44 a.m.3 views

CVE-2025-14384

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /aioseo/v1/ai/credits REST route in all versions up to, and including, 4.9.2. This makes it possible for...

4.3CVSS5.5AI score0.00226EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/16 4:44 a.m.4 views

CVE-2025-14384 All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) AI Access Token and Credit Disclosure

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /aioseo/v1/ai/credits REST route in all versions up to, and including, 4.9.2. This makes it possible for...

4.3CVSS4.7AI score0.00226EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

WordPress plugin All in One SEO – Powerful SEO plugin to boost SEO rankings and increase traffic. Security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00226EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16520

The all-in-one-seo-pack plugin before 3.2.7 for WordPress aka All in One SEO Pack is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement...

5.4CVSS6AI score0.01532EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/18 7:22 a.m.3 views

CVE-2025-64295 WordPress All In One SEO Pack plugin <= 4.8.6.1 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through = 4.8.6.1...

6.5CVSS6.5AI score0.00279EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.7 views

WordPress plugin All In One SEO Pack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

6.5CVSS6.3AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 9:31 a.m.4 views

EUVD-2025-203564

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...

8.5CVSS7.1AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2025/12/16 9:15 a.m.4 views

CVE-2025-67950

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...

8.5CVSS0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 8:12 a.m.4 views

CVE-2025-67950 WordPress All In One SEO Pack plugin <= 4.9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...

8.5CVSS7.3AI score0.00253EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

WordPress plugin All In One SEO Pack 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

8.5CVSS7.5AI score0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/15 5:45 a.m.4 views

CVE-2025-12847 All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.8.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media Deletion

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized arbitrary media attachment deletion due to a missing authorization check in all versions up to, and including, 4.8.9. This is due to the REST API endpoint...

4.3CVSS4.9AI score0.0021EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2013-5818

Malware in sbrugna...

6.1CVSS6.3AI score0.01094EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11949

Malware in sbrugna...

6.5CVSS6.5AI score0.01291EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-23529

Malware in sbrugna...

5.4CVSS5.5AI score0.00837EPSS
Exploits2References3
Rows per page
Query Builder