A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote malicious users to inject JavaScript via settings.php and the "category" parameter.
seopanel seo panel 4.8.0