Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2020-11515
The Rank Math plugin up to and including 1.0.40.2 for WordPress allows unauthenticated remote malicious users to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Re...
Rankmath Seo
NA
CVE-2023-2224
The SEO by 10Web WordPress plugin prior to 1.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
10web Seo
4
CVSSv2
CVE-2019-14786
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
Rankmath Seo
NA
CVE-2023-23819
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rolands Umbrovskis itemprop WP for SERP/SEO Rich snippets plugin <= 3.5.201706131 versions.
Itemprop Wp For Serp/seo Rich Snippets Project Itemprop Wp For Serp/seo Rich Snippets
3.5
CVSSv2
CVE-2017-16842
Cross-site scripting (XSS) vulnerability in admin/google_search_console/class-gsc-table.php in the Yoast SEO plugin prior to 5.8.0 for WordPress allows remote malicious users to inject arbitrary web script or HTML.
Yoast Wordpress Seo
4.3
CVSSv2
CVE-2017-10838
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an malicious user to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
6.5
CVSSv2
CVE-2017-10839
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Seopanel Seo Panel
NA
CVE-2019-25146
The DELUCKS SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the saveSettings() function that had no capability checks in versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthent...
Delucks Delucks Seo
NA
CVE-2022-44627
Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows malicious users to create or delete sitemaps.
Coleds Simple Seo
4.3
CVSSv2
CVE-2016-10896
The seo-redirection plugin prior to 4.3 for WordPress has stored XSS.
Clogica Seo Redirection
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »