77 matches found
WordPress WP Meta SEO plugin <= 4.5.18 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by zedeq - dmz-zedeq in WordPress Plugin WP Meta SEO versions = 4.5.18...
CVE-2026-11370
The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...
CVE-2026-11370 WP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' Parameter
The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...
EUVD-2022-52279
Malicious code in bioql PyPI...
EUVD-2024-41486
Malicious code in bioql PyPI...
EUVD-2023-23320
Malicious code in bioql PyPI...
EUVD-2024-41485
Malicious code in bioql PyPI...
EUVD-2023-59157
Malicious code in bioql PyPI...
EUVD-2023-23637
Malicious code in bioql PyPI...
EUVD-2023-23316
Malicious code in bioql PyPI...
CVE-2024-45455
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...
CVE-2024-45456
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...
CVE-2023-0876
The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability...
CVE-2023-6962
The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of...
CVE-2023-1029
The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the regenerateSitemaps function. This makes it possible for unauthenticated attackers to regenerate Sitemaps via a forg...
CVE-2024-45456
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...
CVE-2024-45455
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13...
CVE-2024-45455
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...
CVE-2024-45455 WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...
CVE-2024-45455
CVE-2024-45455 is a stored XSS vulnerability in the WordPress plugin WP Meta SEO up to version 4.5.13, caused by improper neutralization of input during web page generation. Exploitation could affect authenticated users with administrator input and may lead to script execution in victims’ browser...