CVE-2023-1026

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to get post listings by...

CVE-2023-1026

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to get post listings by...

PT-2023-16698 · WordPress · Wp Meta Seo

Name of the Vulnerable Software and Affected Versions: WP Meta SEO plugin for WordPress versions up to, and including, 4.5.3 Description: The issue arises from a missing capability check on the listPostsCategory function, allowing authenticated attackers with subscriber-level access to obtain pos...

WordPress 4.7 / 4.7.1 REST API Content Injection Exploit

Usage Info msf use auxiliary/scanner/http/wordpresscontentinjection msf auxiliarywordpresscontentinjection show actions ...actions... msf auxiliarywordpresscontentinjection set ACTION msf auxiliarywordpresscontentinjection show options ...show and set options... msf...