CVE-2025-14384
CVE-2025-14384 affects the All in One SEO – Powerful SEO Plugin for WordPress (versions ≤ 4.9.2). It arises from a missing capability check on the REST route /aioseo/v1/ai/credits, allowing authenticated users with Contributor-level access and above to disclose the global AI access token. Wordfen...