CVE-2025-49376 WordPress DELUCKS SEO plugin <= 2.5.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects DELUCKS SEO: from n/a through = 2.5.9...

EUVD-2024-26785

Malicious code in bioql PyPI...

CVE-2024-30538

Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This issue affects DELUCKS SEO: from n/a through 2.5.4...

CVE-2024-47387

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through = 1.8.2...

CVE-2025-4611 Slim SEO <= 4.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via slim_seo_breadcrumbs Shortcode

The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...

WordPress plugin All in One SEO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

CVE-2025-32491 WordPress Rankology SEO – On-site SEO plugin <= 2.2.4 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO rankology-seo-all-in-one-seo-analytics allows Privilege Escalation.This issue affects Rankology SEO – On-site SEO: from n/a through = 2.2.4...

CVE-2025-25147

Cross-Site Request Forgery CSRF vulnerability in Phillip.Gooch Auto SEO auto-seo allows Stored XSS.This issue affects Auto SEO: from n/a through = 2.5.6...

CVE-2025-22744

CVE-2025-22744 is a stored XSS vulnerability in the S-DEV SEO WordPress plugin by Rob von Bothmer / SeoDev SEO, affecting versions from n/a through 1.88. The Red Hat and Wordfence references confirm the CVE and the vulnerability type; no exploit or remediation details are provided in the document...

CVE-2025-22516

CVE-2025-22516 affects the Metadata SEO WordPress plugin (metadata-seo) with a stored cross-site scripting vulnerability. Root cause: improper neutralization of input during web page generation. Impact is Stored XSS under authenticated access (Contributor+). Affected: Metadata SEO up to version 2...

CVE-2023-6962

The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of...

CVE-2024-31089 WordPress Platinum SEO plugin <= 2.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Techblissonline.Com Rajesh Platinum SEO allows Stored XSS.This issue affects Platinum SEO: from n/a through 2.4.0...

CVE-2023-1024

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to generate sitemaps...