CVE-2026-8900

The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

WordPress plugin Simple SEO Slideshow 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-8900

The CVE-2026-8900 entry concerns the WordPress plugin Simple SEO Slideshow (versions up to and including 1.2.8). The vulnerability is a Stored Cross-Site Scripting (XSS) via shortcode attributes , caused by insufficient input sanitization and output escaping. An authenticated attacker with contri...

WordPress Simple SEO Slideshow plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin Simple SEO Slideshow versions = 1.2.8...

CVE-2023-45269

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

WordPress Simple SEO plugin cross-site scripting vulnerability

WordPress Simple SEO plugin is an SEO optimization tool designed based on the SimpleTags plugin, which is mainly used to help users simplify search engine optimization SEO operations. WordPress Simple SEO plugin suffers from a cross-site scripting vulnerability that stems from the application's...

CVE-2025-10357

The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

WordPress Simple SEO plugin < 2.0.32 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Simple SEO versions 2.0.32...

EUVD-2025-34141

The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

CVE-2025-10357

The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

CVE-2025-10357 Simple SEO < 2.0.32 - Contributor+ Stored XSS

The Simple SEO WordPress plugin before 2.0.32 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...

WordPress plugin Simple SEO 安全漏洞

WordPress Simple SEO plugin is an SEO optimization tool designed based on the SimpleTags plugin, which is mainly used to help users simplify search engine optimization SEO operations. WordPress Simple SEO plugin suffers from a cross-site scripting vulnerability that stems from the application's...

PT-2025-41847

Name of the Vulnerable Software and Affected Versions Simple SEO WordPress plugin versions prior to 2.0.32 Description The software does not properly sanitize and escape parameters when outputting them on the page. This could allow users with a contributor role or higher to perform Cross-Site...

EUVD-2022-39117

Malicious code in bioql PyPI...

EUVD-2023-49575

Malicious code in bioql PyPI...

EUVD-2022-47563

Malicious code in bioql PyPI...

CVE-2023-45269

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

CVE-2023-45269 WordPress Simple SEO Plugin <= 2.0.25 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in David Cole Simple SEO plugin = 2.0.25 versions...

CVE-2023-45269

CVE-2023-45269 - CSRF in WordPress Simple SEO plugin (

PT-2023-29475 · Unknown · David Cole Simple Seo

Name of the Vulnerable Software and Affected Versions: David Cole Simple SEO plugin versions prior to 2.0.25 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a...