Lucene search
K

49 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.5 views

CVE-2026-24968

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through = 7.1.0.30...

9.8CVSS5.8AI score0.00408EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15577

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through = 7.1.0.30...

5.8AI score0.00408EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:16 p.m.6 views

CVE-2026-24968

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through = 7.1.0.30...

9.8CVSS0.00408EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-24968 WordPress Xagio SEO plugin <= 7.1.0.30 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through = 7.1.0.30...

9.8CVSS5.9AI score0.00408EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.11 views

CVE-2026-24968

CVE-2026-24968 – Xagio SEO WordPress plugin Privilege Escalation CVE-2026-24968 corresponds to an Incorrect Privilege Assignment vulnerability in the WordPress plugin Xagio SEO, affecting versions from n/a through

9.8CVSS5.8AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.30 views

CVE-2026-24968 WordPress Xagio SEO plugin <= 7.1.0.30 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through = 7.1.0.30...

9.8CVSS0.00408EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

WordPress plugin Xagio SEO 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.8AI score0.00408EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.14 views

PT-2026-27861

Name of the Vulnerable Software and Affected Versions Xagio SEO versions n/a through 7.1.0.30 Description An incorrect privilege assignment exists in Xagio SEO. This allows for privilege escalation. Recommendations Update Xagio SEO to a version later than 7.1.0.30...

9.8CVSS5.9AI score0.00408EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/12 11:57 a.m.7 views

WordPress Xagio SEO plugin <= 7.1.0.30 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by daroo in WordPress Plugin Xagio SEO versions = 7.1.0.30...

9.8CVSS5.8AI score0.00408EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:18 a.m.4 views

CVE-2025-14438

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...

6.4CVSS5.7AI score0.00197EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/06 9:45 a.m.9 views

WordPress Xagio SEO plugin <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability

Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Jack Taylor in WordPress Plugin Xagio SEO versions = 7.1.0.30...

6.4CVSS6.8AI score0.00197EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/01/06 5:15 a.m.5 views

CVE-2025-14438

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...

6.4CVSS0.00197EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/06 4:31 a.m.29 views

CVE-2025-14438 Xagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...

6.4CVSS0.00197EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/01/06 4:31 a.m.3 views

CVE-2025-14438 Xagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery

The Xagio SEO – AI Powered SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.1.0.30 via the 'pixabayDownloadImage' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests...

6.4CVSS5.4AI score0.00197EPSS
Exploits0References5
CVE
CVE
added 2026/01/06 4:31 a.m.14 views

CVE-2025-14438

CVE-2025-14438 affects Xagio SEO – AI Powered SEO (WordPress). The vulnerability is a Server-Side Request Forgery (SSRF) via the pixabayDownloadImage function, exploitable from authenticated users with Subscriber-level access and above, across all versions up to 7.1.0.30. Successful exploitation ...

6.4CVSS5.4AI score0.00197EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.5 views

WordPress plugin Xagio SEO – AI Powered SEO 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Xagio...

6.4CVSS6.8AI score0.00197EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-63025

Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xagio SEO: from n/a through = 7.1.0.37...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201992

Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xagio SEO: from n/a through = 7.1.0.29...

6.5AI score0.00185EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.5 views

CVE-2025-63025

Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xagio SEO: from n/a through = 7.1.0.37...

4.3CVSS0.00185EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.8 views

CVE-2025-63025

CVE-2025-63025 covers a Missing Authorization/Broken Access Control in the WordPress plugin Xagio SEO (xagio-seo). Multiple sources confirm the issue affects versions up to 7.1.0.29 (Wordfence/NVD entry) with a published remediation path indicating a fixed release later in the 7.1.x line (e.g., P...

4.3CVSS5.7AI score0.00185EPSS
Exploits0References1
Rows per page
Query Builder