Lucene search
K

137 matches found

Nuclei
Nuclei
added 19 hours ago30 views

WordPress Meta SEO <= 4.5.2 - Open Redirect

The WP Meta SEO WordPress plugin before 4.5.3 did not authorize several AJAX actions, which allowed low-privilege users to update certain data and resulted in an arbitrary redirect vulnerability. id: CVE-2023-0876 info: name: WordPress Meta SEO = 4.5.2 - Open Redirect author: Khalid6468 severity:...

6.1CVSS6.5AI score0.00713EPSS
Exploits2References2
Patchstack
Patchstack
added 2026/06/24 1:50 p.m.6 views

WordPress WP Meta SEO plugin <= 4.5.18 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by zedeq - dmz-zedeq in WordPress Plugin WP Meta SEO versions = 4.5.18...

7.2CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/24 7:16 a.m.12 views

CVE-2026-9643

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUESTURI server variable in all versions up to, and including, 4.5.18. When the plugin's wpmsTemplateRedirect hook detects a 404, it concatenates $SERVER'HTTPHOST' with the raw...

7.2CVSS0.00241EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 7:16 a.m.8 views

CVE-2026-11370

The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...

6.4CVSS0.00242EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 5:33 a.m.5 views

CVE-2026-9643

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUESTURI server variable in all versions up to, and including, 4.5.18. When the plugin's wpmsTemplateRedirect hook detects a 404, it concatenates $SERVER'HTTPHOST' with the raw...

7.2CVSS6AI score0.00241EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 5:33 a.m.7 views

EUVD-2026-38678

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUESTURI server variable in all versions up to, and including, 4.5.18. When the plugin's wpmsTemplateRedirect hook detects a 404, it concatenates $SERVER'HTTPHOST' with the raw...

7.2CVSS6AI score0.00241EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.57 views

CVE-2026-9643 WP Meta SEO <= 4.5.18 - Unauthenticated Stored Cross-Site Scripting via REQUEST_URI in 404 Logging

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUESTURI server variable in all versions up to, and including, 4.5.18. When the plugin's wpmsTemplateRedirect hook detects a 404, it concatenates $SERVER'HTTPHOST' with the raw...

7.2CVSS0.00241EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 5:33 a.m.16 views

CVE-2026-9643

WP Meta SEO for WordPress insert(). This allows injection of arbitrary scripts that execute when an administrator visits the 404 & Redirects admin page (/wp-admin/admin.php?page=metaseo_broken_link). Exploitation details are not provided beyond the generic flow; no fixes, mitigations, or exploita...

7.2CVSS6AI score0.00241EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.34 views

CVE-2026-11370 WP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' Parameter

The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...

6.4CVSS0.00242EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 5:33 a.m.31 views

CVE-2026-11370

CVE-2026-11370 : In the WordPress WP Meta SEO plugin (versions up to 4.5.18), there is a Server-Side Request Forgery (SSRF) via the new_link parameter. Exploitation requires an authenticated user with at leastContributor+ access. The vulnerability allows outbound web requests originating from the...

6.4CVSS6AI score0.00242EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/06/23 4:46 p.m.4 views

WordPress WP Meta SEO plugin <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery vulnerability

Authenticated Contributor+ Server-Side Request Forgery vulnerability discovered by Enes Ismail - Enes in WordPress Plugin WP Meta SEO versions = 4.5.18...

6.4CVSS5.8AI score0.00242EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-23320

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00316EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-41486

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-59157

Malicious code in bioql PyPI...

7.2CVSS6.7AI score0.00445EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-52279

Malicious code in bioql PyPI...

5.4CVSS5.1AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-41485

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-23316

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00538EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-23637

Malicious code in bioql PyPI...

8.8CVSS9AI score0.01689EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.11 views

CVE-2024-45455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...

5.9CVSS5.9AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.8 views

CVE-2024-45456

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through = 4.5.13...

6.5CVSS5.9AI score0.00248EPSS
Exploits0References1
Rows per page
Query Builder