Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seo vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-24153
A Stored Cross-Site Scripting vulnerability exists in the Yoast SEO WordPress plugin prior to 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.
Yoast Yoast Seo
6.1
CVSSv3
CVE-2017-10838
Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an malicious user to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
8.8
CVSSv3
CVE-2017-10839
SQL injection vulnerability in the SEO Panel prior to version 3.11.0 allows authenticated malicious users to execute arbitrary SQL commands via unspecified vectors.
Seopanel Seo Panel
6.6
CVSSv3
CVE-2018-19370
A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin prior to 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.
Yoast Yoast Seo
5.4
CVSSv3
CVE-2023-28785
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.9 versions.
Yoast Yoast Seo
NA
CVE-2014-100024
Cross-site scripting (XSS) vulnerability in Seo Panel prior to 3.4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Seopanel Seo Panel
6.1
CVSSv3
CVE-2016-10896
The seo-redirection plugin prior to 4.3 for WordPress has stored XSS.
Clogica Seo Redirection
4.8
CVSSv3
CVE-2023-2225
The SEO ALert WordPress plugin up to and including 1.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in mu...
Pottie Seo Alert
4.8
CVSSv3
CVE-2018-14384
The Website Manager module in SEO Panel 3.13.0 and previous versions is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated malicious users to inject arbitrary web script or HTML via the websites.php name parameter.
Seopanel Seo Panel
5.4
CVSSv3
CVE-2022-1628
The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title parameters. This can be exploited by authenticated users wit...
Coleds Simple Seo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »