Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-1093
The WP Meta SEO WordPress plugin prior to 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed.
Joomunited Wp Meta Seo
NA
CVE-2013-4871
Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension prior to 5.0.1 for TYPO3 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Markus Blaschke Tq Seo
6.1
CVSSv3
CVE-2021-39413
Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) to_time parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) social_media.php, an...
Seopanel Seo Panel 4.8.0
4.8
CVSSv3
CVE-2021-28417
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote malicious users to inject JavaScript via archive.php and the "search_name" parameter.
Seopanel Seo Panel 4.8.0
4.8
CVSSv3
CVE-2021-28418
A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote malicious users to inject JavaScript via settings.php and the "category" parameter.
Seopanel Seo Panel 4.8.0
7.2
CVSSv3
CVE-2021-28419
The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases.
Seopanel Seo Panel 4.8.0
6.1
CVSSv3
CVE-2021-24325
The tab parameter of the settings page of the 404 SEO Redirection WordPress plugin up to and including 1.3 is vulnerable to a reflected Cross-Site Scripting (XSS) issue as user input is not properly sanitised or escaped before being output in an attribute.
Clogica Seo Redirection Plugin
4.8
CVSSv3
CVE-2021-24327
The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin prior to 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users (even with the unfiltered_html disabled) to set XSS payload...
Clogica Seo Redirection Plugin
NA
CVE-2013-5961
Unrestricted file upload vulnerability in lazyseo.php in the Lazy SEO plugin 1.1.9 for WordPress allows remote malicious users to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in lazy-seo/.
Danny Morris Lazy Seo 1.1.9
1 EDB exploit
8.8
CVSSv3
CVE-2021-25036
The All in One SEO WordPress plugin prior to 4.1.5.3 is affected by a Privilege Escalation issue, which exists during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultima...
Aioseo All In One Seo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »