Lucene search
+L

318 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:29 p.m.5 views

CVE-2022-1093

The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed...

4.8CVSS6.9AI score0.00689EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:29 p.m.9 views

CVE-2022-44626

Missing Authorization vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.1.20...

6.3CVSS8AI score0.00397EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.7 views

CVE-2021-25036

The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users...

8.8CVSS7.6AI score0.02975EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:24 p.m.6 views

CVE-2021-25019

The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00788EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:9 a.m.13 views

CVE-2013-5918

Cross-site scripting XSS vulnerability in platinumseopack.php in the Platinum SEO plugin before 1.3.8 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6AI score0.01618EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:50 a.m.8 views

CVE-2015-9319

The gregs-high-performance-seo plugin before 1.6.2 for WordPress has XSS in the context of an old browser...

6.1CVSS6.2AI score0.00913EPSS
Exploits0References1
NVD
NVD
added 2025/05/21 12:16 p.m.10 views

CVE-2025-4611

The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.0046EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/05/21 9:21 a.m.10 views

CVE-2025-4611 Slim SEO <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via slim_seo_breadcrumbs Shortcode

The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.8AI score0.0046EPSS
Exploits1References7
CVE
CVE
added 2025/05/21 9:21 a.m.58 views

CVE-2025-4611

The CVE-2025-4611 entry concerns the WordPress plugin Slim SEO – Fast & Automated WordPress SEO Plugin. Affected component: the slim_seo_breadcrumbs shortcode in all versions up to and including 4.5.3. Root cause: insufficient input sanitization and output escaping on user-supplied attributes, en...

6.4CVSS5.7AI score0.0046EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/21 5:2 a.m.15 views

CVE-2025-2892

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and...

6.4CVSS5.8AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 4:21 a.m.24 views

CVE-2025-2892 All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL

The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post Meta Description and Canonical URL parameters in all versions up to, and including, 4.8.1.1 due to insufficient input sanitization and...

6.4CVSS0.00265EPSS
Exploits0References2
NVD
NVD
added 2025/05/15 4:16 a.m.17 views

CVE-2025-3917

The 百度站长SEO合集支持百度/神马/Bing/头条推送 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the downloadremoteimagetomedialibrary function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS0.0074EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/29 4:20 p.m.23 views

CVE-2025-22783

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through = 12.4.03...

8.8CVSS7.3AI score0.00553EPSS
Exploits1References1
NVD
NVD
added 2025/03/27 4:15 p.m.19 views

CVE-2025-22783

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through = 12.4.03...

8.8CVSS0.00553EPSS
Exploits1References1
CVE
CVE
added 2025/03/27 3:56 p.m.61 views

CVE-2025-22783

CVE-2025-22783 affects the WordPress SEO Plugin by Squirrly SEO (versions up to and including 12.4.03). The root cause is improper neutralization of special elements in SQL commands, leading to SQL injection. Public sources in connected docs note that the vulnerability impacts confidentiality, in...

8.8CVSS7.3AI score0.00553EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/27 3:56 p.m.10 views

CVE-2025-22783 WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.03 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.03...

8.5CVSS8.8AI score0.00553EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/27 3:56 p.m.28 views

CVE-2025-22783 WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.03 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through = 12.4.03...

8.5CVSS0.00553EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/03/27 3:54 p.m.9 views

WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.03 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Webula Patchstack Alliance in WordPress Plugin SEO Plugin by Squirrly SEO versions = 12.4.03...

8.8CVSS8.1AI score0.00553EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/18 12:0 a.m.6 views

SEO Automatic Seo Tools Plugin for WordPress Cross-Site Scripting

The WordPress SEO Automatic Seo Tools Plugin installed on the remote host is affected by a Cross-Site Scripting. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

6.1CVSS7.4AI score0.00594EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/03/09 11:45 a.m.17 views

CVE-2025-1768

The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to blind SQL Injection via the 'search' parameter in all versions up to, and including, 12.4.05 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS7.2AI score0.0049EPSS
Exploits0References1
Rows per page
Query Builder