Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wp_meta_seo
(Joomunited)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-20 | CVE-2023-0876 | The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability. | Wp_meta_seo | 6.1 | ||
| 2023-04-10 | CVE-2023-1381 | The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution. | Wp_meta_seo | 8.8 | ||
| 2024-09-15 | CVE-2024-45455 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13. | Wp_meta_seo | 4.8 | ||
| 2024-09-15 | CVE-2024-45456 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13. | Wp_meta_seo | 5.4 |