Lucene search
K

25 matches found

NVD
NVD
added 4 days ago5 views

CVE-2026-12408

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS0.00257EPSS
Exploits0References8
CVE
CVE
added 4 days ago11 views

CVE-2026-12408

The CVE-2026-12408 entry concerns the WordPress plugin Slim SEO (versions up to and including 4.9.8). The vulnerability arises from the REST endpoint /wp-json/slim-seo/meta-tags/ai: the permission_callback only checks a top-level edit_posts capability and does not verify that the requester can re...

4.3CVSS5.9AI score0.00257EPSS
Exploits0References8
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-40937

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS5.9AI score0.00257EPSS
Exploits0References8
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-12408 Slim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' Parameter

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all versions up to, and including, 4.9.8 via the /wp-json/slim-seo/meta-tags/ai REST API endpoint. This is due to the endpoint's permissioncallback performin...

4.3CVSS0.00257EPSS
Exploits0References8
Patchstack
Patchstack
added 5 days ago6 views

WordPress Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure vulnerability

Authenticated Contributor+ Insufficient Authorization to Private Content Disclosure vulnerability discovered by Abu Hurayra HurayraIIT in WordPress Plugin Slim SEO versions = 4.9.8...

4.3CVSS5.8AI score0.00257EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/25 1:12 p.m.11 views

CVE-2026-57429

CVE-2026-57429 is associated with the WordPress plugin Slim SEO (versions ≤ 4.6.2). The vulnerability is described as Broken Access Control in the available connected documents (Patchstack listing and CVE records). Public details in the connected sources confirm the affected software/component an...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39385

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.29 views

CVE-2026-57429 WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS0.00248EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 p.m.4 views

CVE-2026-57429

Contributor Broken Access Control in Slim SEO = 4.6.2 versions...

6.5CVSS5.8AI score0.00248EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/25 8:14 a.m.5 views

WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Slim SEO versions = 4.6.2...

6.5CVSS5.8AI score0.00248EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28317

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/19 3:20 p.m.12 views

CVE-2025-49854

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Anh Tran Slim SEO slim-seo allows SQL Injection.This issue affects Slim SEO: from n/a through = 4.5.4...

7.6CVSS5.9AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2025/06/17 3:15 p.m.5 views

CVE-2025-49854

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Anh Tran Slim SEO slim-seo allows SQL Injection.This issue affects Slim SEO: from n/a through = 4.5.4...

7.6CVSS0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 3:1 p.m.11 views

CVE-2025-49854 WordPress Slim SEO plugin <= 4.5.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Anh Tran Slim SEO slim-seo allows SQL Injection.This issue affects Slim SEO: from n/a through = 4.5.4...

7.6CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 3:1 p.m.31 views

CVE-2025-49854

CVE-2025-49854 describes an SQL Injection in WordPress Slim SEO (versions n/a through 4.5.4) due to improper neutralization of input in SQL commands. Public sources (NVD, CVE List, Patchstack entry) confirm the vulnerability exists in Slim SEO and has a patch/update path: upgrading to a version l...

7.6CVSS5.9AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/17 3:1 p.m.3 views

CVE-2025-49854 WordPress Slim SEO plugin <= 4.5.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Anh Tran Slim SEO allows SQL Injection. This issue affects Slim SEO: from n/a through 4.5.4...

7.6CVSS7.9AI score0.00271EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/17 12:0 a.m.2 views

WordPress plugin Slim SEO SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

7.6CVSS7.8AI score0.00271EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/17 12:0 a.m.5 views

PT-2025-25715 · Unknown · Anh Tran Slim Seo

Name of the Vulnerable Software and Affected Versions: Anh Tran Slim SEO versions n/a through 4.5.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations...

7.6CVSS7.7AI score0.00271EPSS
Exploits0References5
NVD
NVD
added 2025/05/21 12:16 p.m.8 views

CVE-2025-4611

The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.0046EPSS
Exploits1References7
OSV
OSV
added 2025/05/21 12:16 p.m.11 views

CVE-2025-4611

The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.9AI score
Exploits0References7
Rows per page
Query Builder