Search
Search Results (26 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0875 | 1 Joomunited | 1 Wp Meta Seo | 2025-02-26 | 8.8 High |
| The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users. | ||||
| CVE-2022-30337 | 1 Joomunited | 1 Wp Meta Seo | 2025-02-20 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings. | ||||
| CVE-2023-1381 | 1 Joomunited | 1 Wp Meta Seo | 2025-02-11 | 8.8 High |
| The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution. | ||||
| CVE-2022-47602 | 1 Joomunited | 1 Wp Table Manager | 2025-01-10 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in JoomUnited WP Table Manager plugin <= 3.5.2 versions. | ||||
| CVE-2022-1093 | 1 Joomunited | 1 Wp Meta Seo | 2024-11-21 | 4.8 Medium |
| The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed. | ||||
| CVE-2016-10913 | 1 Joomunited | 1 Wp Latest Posts | 2024-11-21 | N/A |
| The wp-latest-posts plugin before 3.7.5 for WordPress has XSS. | ||||