13 matches found
CVE-2024-34383
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1...
EUVD-2024-27129
Malicious code in bioql PyPI...
CVE-2025-48298 WordPress SEOPress for MainWP <= 1.4 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Benjamin Denis SEOPress for MainWP seopress-for-mainwp allows PHP Local File Inclusion.This issue affects SEOPress for MainWP: from n/a through = 1.4...
CVE-2024-50455
Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through = 8.1.1...
CVE-2024-50454
Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through = 8.1.1...
CVE-2024-50456
Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1...
CVE-2024-50455
Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through 8.1.1...
WordPress plugin SEOPress security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2024-33319 · WordPress · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress WordPress plugin versions prior to 7.8 Description: The issue concerns a lack of validation and escaping in one of the Post settings of the SEOPress WordPress plugin. This could allow users with a contributor or higher role to perfor...
PT-2024-16922 · WordPress · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress – On-site SEO plugin for WordPress versions up to, and including, 7.5.2.1 Description: The issue arises from insufficient input sanitization and output escaping, allowing Stored Cross-Site Scripting attacks via parameters such as the...
PT-2023-17156 · WordPress · Seopress
Name of the Vulnerable Software and Affected Versions: SEOPress WordPress plugin versions prior to 6.5.0.3 Description: The issue allows high-privilege users, such as admins, to perform PHP Object Injection when a suitable gadget is present, due to the unserialize of user input provided via the...
CVE-2021-34641 SEOPress <= 5.0.0 – 5.0.3 Authenticated Stored Cross-Site Scripting
The SEOPress WordPress plugin is vulnerable to Stored Cross-Site-Scripting via the processPut function found in the /src/Actions/Api/TitleDescriptionMeta.php file which allows authenticated attackers to inject arbitrary web scripts, in versions 5.0.0 - 5.0.3...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...