Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-38140
Auth. (contributor+) Arbitrary File Upload in SEO Plugin by Squirrly SEO plugin <= 12.1.10 on WordPress.
Squirrly Seo Plugin By Squirrly Seo
4.8
CVSSv3
CVE-2024-0597
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with adm...
Squirrly Seo Plugin By Squirrly Seo
NA
CVE-2014-1855
Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel prior to 3.5.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) capcheck parameter to directories.php or (2) keyword parameter to proxy.php.
Seopanel Seo Panel 3.3.1
Seopanel Seo Panel
6.1
CVSSv3
CVE-2021-34665
The WP SEO Tags WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the saq_txt_the_filter parameter in the ~/wp-seo-tags.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 2.2.7.
Wp Seo Tags Project Wp Seo Tags
9.8
CVSSv3
CVE-2019-13478
The Yoast SEO plugin prior to 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions.
Yoast Yoast Seo 11.6
Yoast Yoast Seo
7.2
CVSSv3
CVE-2022-4351
The Qe SEO Handyman WordPress plugin up to and including 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Qe Seo Handyman Project Qe Seo Handyman
7.2
CVSSv3
CVE-2022-4352
The Qe SEO Handyman WordPress plugin up to and including 1.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Qe Seo Handyman Project Qe Seo Handyman
4.8
CVSSv3
CVE-2022-3135
The SEO Smart Links WordPress plugin up to and including 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for exampl...
Seo Smart Links Project Seo Smart Links
4.8
CVSSv3
CVE-2022-0701
The SEO 301 Meta WordPress plugin up to and including 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Seo-301-meta Project Seo-301-meta
NA
CVE-2010-2626
index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote malicious users to execute arbitrary commands via shell metacharacters in the fn command. NOTE: some of these details are obtained from third party information.
Miyabi-seo Cgi Tools Seo Links 1.02
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »