📦 Seopress

CVE-2024-5488 is a critical vulnerability in the SEOPress WordPress plugin that allows unauthenticated attackers to exploit insecure REST API endpoints combined with an object injection flaw. This can...

The SEOPress WordPress plugin before version 6.5.0.3 contains a PHP Object Injection vulnerability due to unsafe deserialization of user-controlled input in settings. This allows authenticated adminis...

This CVE describes a Missing Authorization vulnerability in the SEOPress WordPress plugin that allows attackers to exploit incorrectly configured access control security levels. It affects all SEOPres...

The SEOPress WordPress plugin is vulnerable to reflected cross-site scripting (XSS) in all versions up to 8.1.1. Unauthenticated attackers can inject malicious scripts via crafted URLs, which execute ...

This vulnerability in the SEOPress WordPress plugin allows high-privilege users (like contributors) to inject malicious scripts into post settings. When other users view affected posts, the scripts ex...