Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

aioseo all in one seo vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv2
CVE-2021-25036
The All in One SEO WordPress plugin prior to 4.1.5.3 is affected by a Privilege Escalation issue, which exists during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultima...
Aioseo All In One Seo
4
CVSSv2
CVE-2021-25037
The All in One SEO WordPress plugin prior to 4.1.5.3 is affected by an authenticated SQL injection issue, which exists during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site’s database (e.g., user...
Aioseo All In One Seo
NA
CVE-2023-0585
The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Administra...
Aioseo All In One Seo
NA
CVE-2023-0586
The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributo...
Aioseo All In One Seo
9
CVSSv2
CVE-2021-24307
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings prior to 4.1.0.2 enables authenticated users with "aioseo_tools_settings" privilege (most of the time admin) to execute arbitrary code on the underlying host. Users can restore...
Aioseo All In One Seo
NA
CVE-2022-38093
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.
Aioseo All In One Seo
NA
CVE-2022-42494
Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress.
Aioseo All In One Seo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook