Joomunited Wp Meta Seo — known CVE vulnerabilities
Every CVE whose affected-product data names Joomunited Wp Meta Seo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2023-0875 — CVSS 8.8 (high): The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL…
CVE-2023-1381 — CVSS 8.8 (high): The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading…
CVE-2023-6961 — CVSS 7.2 (high): The WP Meta SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Referer’ header in all versions up to, and…
CVE-2024-45456 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo…
CVE-2023-0876 — CVSS 6.1 (medium): The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to…
CVE-2024-45455 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo…
CVE-2023-1022 — CVSS 5.4 (medium): The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the…
CVE-2023-1023 — CVSS 5.4 (medium): The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the…
CVE-2022-30337 — CVSS 5.4 (medium): Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the…
CVE-2023-6962 — CVSS 5.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the…
CVE-2022-1093 — CVSS 4.8 (medium): The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page…
CVE-2023-1029 — CVSS 4.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to…
CVE-2023-1028 — CVSS 4.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to…
CVE-2023-1027 — CVSS 4.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the…
CVE-2023-1026 — CVSS 4.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2023-1024 — CVSS 4.3 (medium): The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the…