11 matches found
EUVD-2021-11308
Malware in sbrugna...
EUVD-2012-6534
Malware in sbrugna...
EUVD-2015-2390
Malware in sbrugna...
EUVD-2024-32140
Malicious code in bioql PyPI...
CVE-2025-4611
The Slim SEO – Fast & Automated WordPress SEO Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slimseobreadcrumbs shortcode in all versions up to, and including, 4.5.3 due to insufficient input sanitization and output escaping on user supplied attributes...
WordPress plugin Premium SEO Pack – WP SEO Plugin 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. WordPress plugin Premium S...
WordPress SEO Plugin by Squirrly SEO Plugin <= 12.3.19 is vulnerable to SQL Injection
Software SEO Plugin by Squirrly SEO Type Plugin Vulnerable versions = 12.3.19 Fixed in 12.3.20 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43286 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID a803fc913cd9 Credits Rafie Muhammad Patchstack Required...
WordPress WordPress Auto SEO Plugin – Upfiv SEO Wizard Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Auto SEO Plugin – Upfiv SEO Wizard Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2a56c1fca648 Credits Rafie...
WordPress SEO Plugin - Rank Math < 1.0.41 - Privilege Escalation via Unprotected REST API Endpoint
This plugin registered a REST-API endpoint, rankmath/v1/updateMeta, which failed to include a permissioncallback used for capability checking. The endpoint called a function, updatemetadata which could be used to update the slug on existing posts, or could be used to delete or update metadata for...
WordPress SEO Plugin - Rank Math < 1.0.41 - Privilege Escalation via Unprotected REST API Endpoint
This plugin registered a REST-API endpoint, rankmath/v1/updateMeta, which failed to include a permissioncallback used for capability checking. The endpoint called a function, updatemetadata which could be used to update the slug on existing posts, or could be used to delete or update metadata for...
Popular WordPress SEO Plugin Fixes XSS Bug
The Yoast WordPress SEO plugin, which has been downloaded more than 14 million times, has a serious cross-site scripting vulnerability that can allow an attacker to force a vulnerable site to execute arbitrary HTML code. The bug may have been reported to the plugin’s developer as long as two year...