The all-in-one-seo-pack plugin prior to 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
semperplugins all in one seo pack |