3 matches found
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup...
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2 enables authenticated users with "aioseotoolssettings" privilege most of the time admin to execute arbitrary code on the underlying host. Users can restore plugin's configuration by uploading a backup...
CVE-2021-24307
The CVE-2021-24307 entry relates to the WordPress plugin All in One SEO Pack (versions up to 4.1.0.2). The issue allows an authenticated user with aioseo_tools_settings privileges (typically admin) to achieve remote code execution on the host. The root cause involves unserializing values from a b...