14 matches found
CVE-2026-25437
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
EUVD-2026-15727
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
CVE-2026-25437
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
CVE-2026-25437 WordPress GZSEO plugin <= 2.0.14 - Broken Access Control vulnerability
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
CVE-2026-25437
CVE-2026-25437 describes a Missing Authorization vulnerability in the GZSEO (WordPress plugin) until version 2.0.14. The description notes an exploit of incorrectly configured access control/security levels, but the provided documents do not specify the root cause in technical terms, affected fil...
CVE-2026-25437 WordPress GZSEO plugin <= 2.0.14 - Broken Access Control vulnerability
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
WordPress plugin GZSEO 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-27947
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through = 2.0.14...
WordPress GZSEO plugin <= 2.0.14 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GZSEO versions = 2.0.14...
CVE-2025-14941
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
CVE-2025-14941
The CVE CVE-2025-14941 affects the WordPress plugin GZSEO (versions up to and including 2.0.11). The authenticated attacker (Contributor+ level) can bypass authorization due to missing capability checks on multiple AJAX handlers and insufficient input sanitization/output escaping on the embed_cod...
CVE-2025-14941
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
CVE-2025-14941 GZSEO <= 2.0.11 - Authenticated (Contributor+) Authorization Bypass to Stored Cross-Site Scripting
The GZSEO plugin for WordPress is vulnerable to authorization bypass leading to Stored Cross-Site Scripting in all versions up to, and including, 2.0.11. This is due to missing capability checks on multiple AJAX handlers combined with insufficient input sanitization and output escaping on the...
WordPress GZSEO plugin <= 2.0.11 - Authenticated (Contributor+) Authorization Bypass to Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Authorization Bypass to Stored Cross-Site Scripting vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin GZSEO versions = 2.0.11...