Joomunited

Wp Meta Seo

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2024-45455

  • EPSS 0.11%
  • Veröffentlicht 15.09.2024 08:15:13
  • Zuletzt bearbeitet 19.09.2024 18:51:15

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13.

5.4

CVE-2024-45456

  • EPSS 0.14%
  • Veröffentlicht 15.09.2024 08:15:13
  • Zuletzt bearbeitet 19.09.2024 18:38:57

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13.

6.1

CVE-2023-6961

  • EPSS 2.29%
  • Veröffentlicht 02.05.2024 17:15:08
  • Zuletzt bearbeitet 06.02.2025 18:40:11

The WP Meta SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Referer’ header in all versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthentic...

5.3

CVE-2023-6962

  • EPSS 0.39%
  • Veröffentlicht 02.05.2024 17:15:08
  • Zuletzt bearbeitet 06.02.2025 18:39:37

The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive informa...

8.8

CVE-2023-1381

Exploit
  • EPSS 5.79%
  • Veröffentlicht 10.04.2023 15:15:07
  • Zuletzt bearbeitet 11.02.2025 18:15:21

The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in ce...

8.8

CVE-2023-0875

Exploit
  • EPSS 0.28%
  • Veröffentlicht 20.03.2023 16:15:12
  • Zuletzt bearbeitet 26.02.2025 19:15:15

The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.

6.1

CVE-2023-0876

Exploit
  • EPSS 16.61%
  • Veröffentlicht 20.03.2023 16:15:12
  • Zuletzt bearbeitet 26.02.2025 19:15:15

The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.

4.3

CVE-2023-1023

  • EPSS 0.23%
  • Veröffentlicht 28.02.2023 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:38:18

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. This makes it possible for authenticated attacker...

4.3

CVE-2023-1024

  • EPSS 0.18%
  • Veröffentlicht 28.02.2023 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:38:18

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers wit...

4.3

CVE-2023-1026

  • EPSS 0.24%
  • Veröffentlicht 28.02.2023 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:38:18

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with sub...