Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-36376
Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.
Rankmath Seo
5.4
CVSSv3
CVE-2023-32600
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions.
Rankmath Seo
6.5
CVSSv3
CVE-2019-14786
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
Rankmath Seo
4.8
CVSSv3
CVE-2023-23819
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rolands Umbrovskis itemprop WP for SERP/SEO Rich snippets plugin <= 3.5.201706131 versions.
Itemprop Wp For Serp/seo Rich Snippets Project Itemprop Wp For Serp/seo Rich Snippets
6.4
CVSSv3
CVE-2021-31779
The yoast_seo (aka Yoast SEO) extension prior to 7.2.1 for TYPO3 allows SSRF via a backend user account.
Yoast Yoast Seo
5.4
CVSSv3
CVE-2022-36404
Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO (WordPress plugin) plugin <= 1.8.12 versions.
Coleds Simple Seo
7.2
CVSSv3
CVE-2021-24747
The SEO Booster WordPress plugin prior to 3.8 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL inj...
Cleverplugins Seo Booster
5.3
CVSSv3
CVE-2021-25118
The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabi...
Yoast Yoast Seo
NA
CVE-2014-100024
Cross-site scripting (XSS) vulnerability in Seo Panel prior to 3.4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
4.8
CVSSv3
CVE-2023-2029
The PrePost SEO WordPress plugin up to and including 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite s...
Enzipe Prepost Seo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »