Vulnerabilities > Joomunited

DATE CVE VULNERABILITY TITLE RISK
2024-09-15 CVE-2024-45455 Cross-site Scripting vulnerability in Joomunited WP Meta SEO
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13.
network
low complexity
joomunited CWE-79
4.8
2024-09-15 CVE-2024-45456 Cross-site Scripting vulnerability in Joomunited WP Meta SEO
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through 4.5.13.
network
low complexity
joomunited CWE-79
5.4
2024-02-01 CVE-2024-22148 Unspecified vulnerability in Joomunited Wp-Smart-Editor 1.3.3
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Smart Editor JoomUnited allows Reflected XSS.This issue affects JoomUnited: from n/a through 1.3.3.
network
low complexity
joomunited
6.1
2023-04-10 CVE-2023-1381 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability.
network
low complexity
joomunited
8.8
2023-03-29 CVE-2022-47602 Unspecified vulnerability in Joomunited WP Table Manager
Auth.
network
low complexity
joomunited
5.4
2023-03-20 CVE-2023-0875 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.
network
low complexity
joomunited
8.8
2023-03-20 CVE-2023-0876 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.
network
low complexity
joomunited
6.1
2023-02-28 CVE-2023-1022 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3.
network
low complexity
joomunited
4.3
2023-02-28 CVE-2023-1023 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3.
network
low complexity
joomunited
4.3
2023-02-28 CVE-2023-1024 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3.
network
low complexity
joomunited
4.3