Lucene search
K

47 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:0 a.m.15 views

CVE-2024-6556

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...

5.3CVSS6.5AI score0.00387EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:33 a.m.9 views

CVE-2023-5949

The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content...

7.5CVSS6.8AI score0.00756EPSS
Exploits2References1
NVD
NVD
added 2024/07/10 9:15 a.m.34 views

CVE-2024-6556

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...

5.3CVSS0.00387EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/10 8:32 a.m.31 views

CVE-2024-6556 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path Disclosure

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...

5.3CVSS0.00387EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/10 8:32 a.m.12 views

CVE-2024-6556 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path Disclosure

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.10.8. This is due the plugin utilizing mobiledetect without preventing direct access to the files. This makes it possible for...

5.3CVSS6.6AI score0.00387EPSS
Exploits0References2
CVE
CVE
added 2024/07/10 8:32 a.m.50 views

CVE-2024-6556

CVE-2024-6556 affects the SmartCrawl WordPress plugin (SEO checker/analyst/optimizer) for WordPress, with Full Path Disclosure in all versions up to and including 3.10.8. Public details confirm the root cause: the plugin uses mobiledetect without preventing direct access to its files, enabling un...

5.3CVSS5.5AI score0.00387EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/07/10 6:23 a.m.6 views

WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin <= 3.10.8 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin SmartCrawl versions = 3.10.8...

5.3CVSS7AI score0.00387EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.5 views

WordPress plugin SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.7AI score0.00387EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.19 views

WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Plugin <= 3.10.8 is vulnerable to Full Path Disclosure (FPD)

Software SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Type Plugin Vulnerable versions = 3.10.8 Fixed in 3.10.9 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6556 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID...

5.3CVSS6.6AI score0.00387EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.5 views

PT-2024-37713 · WordPress · Smartcrawl

Name of the Vulnerable Software and Affected Versions: SmartCrawl WordPress SEO checker plugin versions up to, and including, 3.10.8 Description: The issue is due to the plugin utilizing mobiledetect without preventing direct access to the files, making it possible for unauthenticated attackers t...

5.3CVSS6.7AI score0.00387EPSS
Exploits0References6
NVD
NVD
added 2024/05/02 5:15 p.m.17 views

CVE-2024-3287

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...

5.3CVSS5.3AI score0.00565EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.23 views

CVE-2024-3287 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.2 - Missing Authorization

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...

5.3CVSS5.6AI score0.00565EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/02 4:52 p.m.11 views

CVE-2024-3287 SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.2 - Missing Authorization

The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticate...

5.3CVSS5.9AI score0.00565EPSS
Exploits0References2
CVE
CVE
added 2024/05/02 4:52 p.m.65 views

CVE-2024-3287

The CVE for SmartCrawl WordPress SEO checker (CVE-2024-3287) is tied to unauthorized ld+json description injection caused by a missing capability check in save_settings. Technical details from connected sources indicate the issue affects all versions up to and including 3.10.2, enabling unauthent...

5.3CVSS6.9AI score0.00565EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress plugin SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.6AI score0.00565EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.4 views

PT-2024-24925 · WordPress · Smartcrawl

Name of the Vulnerable Software and Affected Versions: SmartCrawl WordPress SEO checker plugin versions up to, and including, 3.10.2 Description: The issue is related to unauthorized ld+json description injection due to a missing capability check on the save settings function. This allows...

5.3CVSS7.2AI score0.00565EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/04/22 2:3 a.m.8 views

WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin <= 3.10.2 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Krzysztof Zając in WordPress Plugin SmartCrawl versions = 3.10.2...

5.3CVSS7AI score0.00565EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.10 views

WordPress SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Plugin <= 3.10.2 is vulnerable to Broken Access Control

Software SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer Type Plugin Vulnerable versions = 3.10.2 Fixed in 3.10.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3287 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID d9ce8b757c...

5.3CVSS6.6AI score0.00565EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/19 12:0 a.m.14 views

SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer < 3.10.3 - Missing Authorization

Description The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the savesettings function in all versions up to, and including, 3.10.2. This makes it possible for...

5.3CVSS7.2AI score0.00565EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/18 8:15 p.m.4 views

CVE-2023-5949

The SmartCrawl WordPress plugin before 3.8.3 does not prevent unauthorised users from accessing password-protected posts' content...

7.5CVSS5.8AI score0.00756EPSS
Exploits2References1
Rows per page
Query Builder