Lucene search
+L

3 matches found

Patchstack
Patchstack
added 2025/05/19 7:38 p.m.21 views

WordPress All in One SEO Pack plugin <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Meta Description and Canonical URL vulnerability discovered by Ivan Kuzymchak in WordPress Plugin All In One SEO Pack versions = 4.8.1.1...

6.4CVSS6.3AI score0.00265EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/19 4:21 a.m.7 views

CVE-2025-2892 All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and...

6.4CVSS5.7AI score0.00265EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/19 4:21 a.m.24 views

CVE-2025-2892 All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and...

6.4CVSS0.00265EPSS
Exploits0References2
Rows per page
Query Builder