Lucene search
K

318 matches found

osv
osv
added 2017/11/16 3:29 a.m.4 views

CVE-2017-16842

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

4.8CVSS5.9AI score0.01345EPSS
Exploits3References3
cvelist
cvelist
added 2017/11/16 3:0 a.m.28 views

CVE-2017-16842

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

5.1AI score0.01345EPSS
Exploits3References3
cnvd
cnvd
added 2017/09/20 12:0 a.m.7 views

vBulletin VBSEO 'visitormessage.php' Remote Code Injection Vulnerability

vBulletin is the United States Internet Brands and vBulletin Solutions, Inc. jointly developed an open source commercial Web forum program. vBulletin VBSEO module is one of the SEO management module . A security vulnerability exists in the functionsvbseohook.php file in the vBulletin VBSEO module...

9CVSS7.5AI score0.14785EPSS
Exploits3References1
hackerone
hackerone
added 2016/12/04 9:3 p.m.50 views

OLX: Multiple vulnerabilities in http://blog.dubizzle.com/uae

http://blog.dubizzle.com/uae/ uses outdated Yoast Seo plugin which has following vulnerabilities: ! Title: Yoast SEO = 3.2.4 - Subscriber Settings Sensitive Data Exposure Reference: https://wpvulndb.com/vulnerabilities/8487 ! Title: Yoast SEO = 3.2.5 - Unspecified Cross-Site Scripting XSS...

Exploits0
cnvd
cnvd
added 2016/07/20 12:0 a.m.1 views

WordPress All in One SEO Pack Plugin HTML Injection Vulnerability

WordPress is a set of blogging platform developed in PHP language by WordPress Software Foundation.All in One SEO Pack is one of the SEO optimized plugins. An HTML injection vulnerability exists in the WordPress All in One SEO Pack plugin version 2.3.6.1, which can be exploited by an attacker to...

7.2AI score
Exploits0References1
cnvd
cnvd
added 2015/06/16 12:0 a.m.1 views

WordPress Greg's High Performance SEO Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Greg's High Performance SEO plugin due to the program failing to properly filter user-supplied input. A...

6.9AI score
Exploits0References1
threatpost
threatpost
added 2015/06/15 10:0 a.m.22 views

Popular WordPress SEO Plugin Fixes XSS Bug

The Yoast WordPress SEO plugin, which has been downloaded more than 14 million times, has a serious cross-site scripting vulnerability that can allow an attacker to force a vulnerable site to execute arbitrary HTML code. The bug may have been reported to the plugin’s developer as long as two year...

0.8AI score
Exploits0References5
wpvulndb
wpvulndb
added 2015/06/12 12:0 a.m.46 views

Yoast SEO <= 2.1.1 - Authenticated Stored DOM XSS

The "snippet preview" functionality of the Yoast WordPress SEO plugin was susceptible to cross-site scripting in versions before 2.2. PoC Vulnerable URL: /wp-admin/post-new.php?posttitle= Vulnerable Code wordpress-seo/js/wp-seo-metabox.js: function ystcleanstr if str == '' || str == undefined...

4.3CVSS0.3AI score0.03206EPSS
Exploits2References1Affected Software1
prion
prion
added 2015/01/13 11:59 a.m.11 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the SEO Plugin LiveOptim plugin before 1.1.4-free for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are obtained from...

6.8CVSS7.6AI score0.01081EPSS
Exploits0References3Affected Software1
nvd
nvd
added 2015/01/13 11:59 a.m.9 views

CVE-2014-100001

Cross-site request forgery CSRF vulnerability in the SEO Plugin LiveOptim plugin before 1.1.4-free for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are obtained from...

6.8CVSS7.1AI score0.01081EPSS
Exploits0References3
cve
cve
added 2015/01/13 11:0 a.m.44 views

CVE-2014-100001

CVE-2014-100001 is a CSRF vulnerability in the WordPress plugin LiveOptim (SEO Plugin LiveOptim) before version 1.1.4-free . The issue allows remote attackers to hijack the authentication of administrators and perform requests that change plugin settings via unspecified vectors, effectively manip...

6.8CVSS7.3AI score0.01081EPSS
Exploits0References3Affected Software1
wpvulndb
wpvulndb
added 2014/08/01 10:59 a.m.14 views

LiveOptim 1.1.3 - Configuration Setting Manipulation CSRF

The SEO Plugin LiveOptim WordPress plugin was affected by a Configuration Setting Manipulation CSRF security vulnerability...

6.8CVSS2.3AI score0.01081EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2013/09/30 10:55 p.m.19 views

CVE-2013-5961

Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in lazy-seo/...

6.8CVSS7.7AI score0.05453EPSS
Exploits1References4
prion
prion
added 2013/09/30 10:55 p.m.15 views

Unrestricted file upload

Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in lazy-seo/...

6.8CVSS8.2AI score0.05453EPSS
Exploits1References4Affected Software1
exploitpack
exploitpack
added 2013/09/22 12:0 a.m.8 views

WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload

WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload Exploit Title : Wordpress Lazy SEO plugin Shell Upload Vulnerability Exploit Author : Ashiyane Digital Security Team Google Dork: : inurl:/wp-content/plugins/lazy-seo/ Date: 2013/09/21 Vendor Homepage : http://wordpress.org/plugins/lazy-seo...

0.2AI score
Exploits0
exploitdb
exploitdb
added 2013/09/22 12:0 a.m.28 views

WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload

Exploit Title : Wordpress Lazy SEO plugin Shell Upload Vulnerability Exploit Author : Ashiyane Digital Security Team Google Dork: : inurl:/wp-content/plugins/lazy-seo/ Date: 2013/09/21 Vendor Homepage : http://wordpress.org/plugins/lazy-seo Software Link :...

7.4AI score
Exploits0
patchstack
patchstack
added 2013/09/19 12:0 a.m.16 views

WordPress Platinum SEO Plugin <= 1.3.7 - XSS

Because of this vulnerability in platinumseopack.php, the attackers can inject arbitrary web script or HTML via the "s" parameter. Solution Update the plugin...

4.3CVSS2.8AI score0.01618EPSS
Exploits1References1Affected Software1
exploitpack
exploitpack
added 2011/01/30 12:0 a.m.22 views

vBSEO Sitemap 2.53.0 - Multiple Vulnerabilities

vBSEO Sitemap 2.53.0 - Multiple Vulnerabilities vBSEO Sitemap - Multiple Vulnerabilities Versions Affected: 2.5 and 3.0 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. ...

0.5AI score
Exploits0
Rows per page
Query Builder