Lucene search
+L

19 matches found

redhatcve
redhatcve
added 2026/02/05 1:22 p.m.9 views

CVE-2025-15285

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References1
nvd
nvd
added 2026/02/04 9:15 a.m.6 views

CVE-2025-15285

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS0.00397EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/02/04 8:25 a.m.3 views

CVE-2025-15285

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References3
cvelist
cvelist
added 2026/02/04 8:25 a.m.31 views

CVE-2025-15285 SEO Flow by LupsOnline <= 2.2.1 - Unauthenticated Arbitrary Post/Category Modification

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS0.00397EPSS
Exploits0References3
euvd
euvd
added 2026/02/04 8:25 a.m.5 views

EUVD-2025-206787

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/04 8:25 a.m.3 views

CVE-2025-15285 SEO Flow by LupsOnline <= 2.2.1 - Unauthenticated Arbitrary Post/Category Modification

The SEO Flow by LupsOnline plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the checkBlogAuthentication and checkCategoryAuthentication functions in all versions up to, and including, 2.2.1. These authorization functions only implement...

7.5CVSS5.4AI score0.00397EPSS
Exploits0References3
cve
cve
added 2026/02/04 8:25 a.m.15 views

CVE-2025-15285

CVE-2025-15285 concerns the WordPress plugin SEO Flow by LupsOnline (versions

7.5CVSS5.4AI score0.00397EPSS
Exploits0References3
patchstack
patchstack
added 2026/02/04 7:28 a.m.9 views

WordPress SEO Flow by LupsOnline plugin <= 2.2.1 - Unauthenticated Arbitrary Post/Category Modification vulnerability

Unauthenticated Arbitrary Post/Category Modification vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin SEO Flow by LupsOnline versions = 2.2.1...

7.5CVSS5.3AI score0.00397EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.6 views

PT-2026-5885

Name of the Vulnerable Software and Affected Versions SEO Flow versions prior to 2.2.2 Description The SEO Flow plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check within the checkBlogAuthentication and checkCategoryAuthentication functions...

7.5CVSS5.5AI score0.00397EPSS
Exploits0References7
cnnvd
cnnvd
added 2026/02/04 12:0 a.m.9 views

WordPress plugin SEO Flow by LupsOnline 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00397EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-15509

Malicious code in bioql PyPI...

7.1CVSS7.6AI score0.00116EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/18 4:2 p.m.21 views

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References1
osv
osv
added 2025/05/16 4:15 p.m.6 views

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0...

6.1CVSS7.3AI score0.00116EPSS
Exploits0References1
nvd
nvd
added 2025/05/16 4:15 p.m.43 views

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

7.1CVSS0.00116EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/05/16 3:45 p.m.12 views

CVE-2025-48146 WordPress SEO Flow by LupsOnline plugin <= 2.2.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0...

7.1CVSS6.8AI score0.00116EPSS
Exploits0References1
cve
cve
added 2025/05/16 3:45 p.m.36 views

CVE-2025-48146

CVE-2025-48146 covers a CSRF-to-Stored XSS vulnerability in the WordPress plugin SEO Flow by LupsOnline. The vulnerability affects SEO Flow by LupsOnline versions n/a through 2.2.0, allowing an attacker to trick a logged-in user into performing actions that result in stored malicious script execu...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2025/05/16 10:29 a.m.12 views

WordPress SEO Flow by LupsOnline plugin <= 2.2.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin SEO Flow by LupsOnline versions = 2.2.1...

7.1CVSS7.4AI score0.00116EPSS
Exploits0Affected Software1
cnnvd
cnnvd
added 2025/05/16 12:0 a.m.4 views

WordPress plugin SEO Flow by LupsOnline 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS7.2AI score0.00116EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/05/16 12:0 a.m.7 views

PT-2025-21737 · Lupsonline · Seo Flow

Name of the Vulnerable Software and Affected Versions: SEO Flow by LupsOnline versions n/a through 2.2.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web applicatio...

7.1CVSS7.5AI score0.00116EPSS
Exploits0References5
Rows per page
Query Builder