3 matches found
CVE-2020-35946
The CVE-2020-35946 issue affects the WordPress plugin All in One SEO Pack up to version 3.6.2. It arises from unsanitized input in the SEO Description and SEO Title fields, enabling stored XSS from a Contributor and affecting post pages in the admin area. The documented impact is stored XSS; expl...
CVE-2019-16520
The All-in-One SEO Pack WordPress plugin (before version 3.2.7) is vulnerable to Stored XSS due to improper encoding of the SEO-specific description for posts via unsafe placeholder replacement. Affected: WordPress plugin All in One SEO Pack
CVE-2013-5988
The CVE-2013-5988 entry concerns an XSS vulnerability in the All in One SEO Pack WordPress plugin (pre-2.0.3.1) exposed via the Search parameter. Affected software is the All in One SEO Pack WordPress plugin; vulnerable component is the Search parameter handling in versions before 2.0.3.1. The ro...