All in One SEO < 4.2.4 - Multiple CSRF

2022-09-0500:00:00

wpscan.com

plugin

csrf

vulnerability

logged in users

unwanted actions

0.001 Low

EPSS

Percentile

32.5%

The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions

CPENameOperatorVersion
all-in-one-seo-packlt4.2.4

CPE	Name	Operator	Version
	all-in-one-seo-pack	lt	4.2.4

0.001 Low

EPSS

Percentile

32.5%

Related for WPVDB-ID:5F31B537-186D-424C-A0C3-56F29146BB6E