SEOPress < 7.9 - Authentication Bypass

The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present. id:...

WordPress SEOPress - On-site SEO plugin <= 7.5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress SEOPress - On-site SEO plugin = 7.5.2.1 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Daffa in WordPress Plugin SEOPress versions = 7.5.2.1...

CVE-2024-34383

Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1...

CVE-2024-2165

The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt parameter in all versions up to, and including, 7.5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author access...

EUVD-2021-21291

Malware in sbrugna...

EUVD-2024-16907

Malicious code in bioql PyPI...

EUVD-2024-49804

Malicious code in bioql PyPI...

EUVD-2025-25370

Malicious code in bioql PyPI...

EUVD-2024-44882

Malicious code in bioql PyPI...

EUVD-2024-44883

Malicious code in bioql PyPI...

EUVD-2024-44881

Malicious code in bioql PyPI...

EUVD-2024-27129

Malicious code in bioql PyPI...

EUVD-2024-34755

Malicious code in bioql PyPI...

EUVD-2024-16936

Malicious code in bioql PyPI...

CVE-2025-48298

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...

CVE-2025-48298

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...

CVE-2025-48298 WordPress SEOPress for MainWP <= 1.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...

CVE-2025-48298 WordPress SEOPress for MainWP <= 1.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...

CVE-2025-48298

CVE-2025-48298 is an unauthenticated Local File Inclusion in WordPress SEOPress for MainWP

WordPress plugin SEOPress for MainWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...