47 matches found
CVE-2024-6556
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...
CVE-2023-5949
The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content...
CVE-2024-6556
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...
CVE-2024-6556 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path Disclosure
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...
CVE-2024-6556 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path Disclosure
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...
CVE-2024-6556
CVE-2024-6556 affects the SmartCrawl WordPress plugin (SEO checker/analyst/optimizer) for WordPress, with Full Path Disclosure in all versions up to and including 3.10.8. Public details confirm the root cause: the plugin uses mobiledetect without preventing direct access to its files, enabling un...
WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin <= 3.10.8 - Unauthenticated Full Path Disclosure vulnerability
Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin SmartCrawl versions = 3.10.8...
WordPress plugin SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Plugin <= 3.10.8 is vulnerable to Full Path Disclosure (FPD)
Software SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Type Plugin Vulnerable versions = 3.10.8 Fixed in 3.10.9 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6556 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID...
PT-2024-37713 · WordPress · Smartcrawl
Name of the Vulnerable Software and Affected Versions: SmartCrawl WordPress SEO checker plugin versions up to, and including, 3.10.8 Description: The issue is due to the plugin utilizing mobiledetect without preventing direct access to the files, making it possible for unauthenticated attackers t...
CVE-2024-3287
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...
CVE-2024-3287 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.2 - Missing Authorization
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...
CVE-2024-3287 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.2 - Missing Authorization
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...
CVE-2024-3287
The CVE for SmartCrawl WordPress SEO checker (CVE-2024-3287) is tied to unauthorized ld+json description injection caused by a missing capability check in save_settings. Technical details from connected sources indicate the issue affects all versions up to and including 3.10.2, enabling unauthent...
WordPress plugin SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-24925 · WordPress · Smartcrawl
Name of the Vulnerable Software and Affected Versions: SmartCrawl WordPress SEO checker plugin versions up to, and including, 3.10.2 Description: The issue is related to unauthorized ld+json description injection due to a missing capability check on the save settings function. This allows...
WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin <= 3.10.2 - Missing Authorization vulnerability
Missing Authorization vulnerability discovered by Krzysztof Zając in WordPress Plugin SmartCrawl versions = 3.10.2...
WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Plugin <= 3.10.2 is vulnerable to Broken Access Control
Software SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Type Plugin Vulnerable versions = 3.10.2 Fixed in 3.10.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3287 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID d9ce8b757c...
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer < 3.10.3 - Missing Authorization
Description The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for...
CVE-2023-5949
The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content...