Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-24832
The WP SEO Redirect 301 WordPress plugin prior to 2.3.2 does not have CSRF in place when deleting redirects, which could allow malicious users to make a logged in admin delete them via a CSRF attack
Wp Seo Redirect 301 Project Wp Seo Redirect 301
578
VMScore
CVE-2015-9458
The searchterms-tagging-2 plugin up to and including 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.
Seo Searchterms Tagging 2 Project Seo Searchterms Tagging 2
383
VMScore
CVE-2015-9459
The searchterms-tagging-2 plugin up to and including 1.535 for WordPress has XSS via the wp-admin/options-general.php count parameter.
Seo Searchterms Tagging 2 Project Seo Searchterms Tagging 2
383
VMScore
CVE-2015-9319
The gregs-high-performance-seo plugin prior to 1.6.2 for WordPress has XSS in the context of an old browser.
Greg\\'s High Performance Seo Project Greg\\'s High Performance Seo
668
VMScore
CVE-2020-11514
The Rank Math plugin up to and including 1.0.40.2 for WordPress allows unauthenticated remote malicious users to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta ...
Rankmath Seo
NA
CVE-2023-32600
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions.
Rankmath Seo
356
VMScore
CVE-2019-14786
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
Rankmath Seo
516
VMScore
CVE-2020-11515
The Rank Math plugin up to and including 1.0.40.2 for WordPress allows unauthenticated remote malicious users to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Re...
Rankmath Seo
NA
CVE-2023-34375
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web SEO by 10Web plugin <= 1.2.9 versions.
10web Seo
NA
CVE-2023-2224
The SEO by 10Web WordPress plugin prior to 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
10web Seo
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »