19 matches found
CVE-2025-1264
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2025-67962
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AIOSEO Plugin Team Broken Link Checker broken-link-checker-seo allows SQL Injection.This issue affects Broken Link Checker: from n/a through = 1.2.6...
PT-2025-51436
Name of the Vulnerable Software and Affected Versions AIOSEO Plugin Team Broken Link Checker versions through 1.2.6 Description The Broken Link Checker component contains a flaw due to improper neutralization of special elements within SQL commands, leading to a potential SQL Injection issue. Thi...
CVE-2025-12847 All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.8.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media Deletion
The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized arbitrary media attachment deletion due to a missing authorization check in all versions up to, and including, 4.8.9. This is due to the REST API endpoint...
EUVD-2025-28517
Malicious code in bioql PyPI...
WordPress Aioseo Multibyte Descriptions plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Aioseo Multibyte Descriptions plugin, which stems from a WEB application that does not adequately validate tha...
CVE-2025-53327
Cross-Site Request Forgery CSRF vulnerability in ruimashita Aioseo Multibyte Descriptions aioseo-multibyte-descriptions allows Cross Site Request Forgery.This issue affects Aioseo Multibyte Descriptions: from n/a through = 0.0.6...
WordPress Aioseo Multibyte Descriptions plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin Aioseo Multibyte Descriptions versions = 0.0.6...
CVE-2025-53327
Cross-Site Request Forgery CSRF vulnerability in ruimashita Aioseo Multibyte Descriptions aioseo-multibyte-descriptions allows Cross Site Request Forgery.This issue affects Aioseo Multibyte Descriptions: from n/a through = 0.0.6...
CVE-2025-53327
CVE-2025-53327: CSRF vulnerability in WordPress plugin Aioseo Multibyte Descriptions (versions
CVE-2025-53327 WordPress Aioseo Multibyte Descriptions plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in ruimashita Aioseo Multibyte Descriptions aioseo-multibyte-descriptions allows Cross Site Request Forgery.This issue affects Aioseo Multibyte Descriptions: from n/a through = 0.0.6...
CVE-2025-53327 WordPress Aioseo Multibyte Descriptions plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in ruimashita Aioseo Multibyte Descriptions aioseo-multibyte-descriptions allows Cross Site Request Forgery.This issue affects Aioseo Multibyte Descriptions: from n/a through = 0.0.6...
PT-2025-27221 · Unknown · Aioseo Multibyte Descriptions
Name of the Vulnerable Software and Affected Versions: Aioseo Multibyte Descriptions versions 0.0.0 through 0.0.6 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For versions...
WordPress plugin Aioseo Multibyte Descriptions 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in the WordPress Aioseo Multibyte Descriptions plugin, which stems from a WEB application that does not adequately validate tha...
CVE-2025-1264
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2025-1264 Broken Link Checker by AIOSEO <= 1.2.3 - Authenticated (Contributor+) SQL Injection
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2025-1264
The connected Red Hat entry confirms CVE-2025-1264 for the Broken Link Checker by AIOSEO (WordPress). It describes an SQL Injection via the orderBy parameter in all versions ≤ 1.2.3 due to insufficient escaping and lack of proper query preparation. Exploitation requires authenticated access at Co...
CVE-2025-1264 Broken Link Checker by AIOSEO <= 1.2.3 - Authenticated (Contributor+) SQL Injection
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
Exploit for Deserialization of Untrusted Data in Aioseo All_In_One_Seo
Admin PHP unserialization RCE in All in one SEO pack CVE-202...