Vulnerabilities > Joomunited
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2023-1026 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1027 | Missing Authorization vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1028 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-24 | CVE-2023-1029 | Cross-Site Request Forgery (CSRF) vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |
| 2022-07-21 | CVE-2022-30337 | Unspecified vulnerability in Joomunited WP Meta SEO Cross-Site Request Forgery (CSRF) vulnerability in JoomUnited WP Meta SEO plugin <= 4.4.8 at WordPress allows an attacker to update the social settings. | 4.3 |
| 2022-05-23 | CVE-2022-1093 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed. | 4.8 |
| 2019-08-20 | CVE-2016-10913 | Cross-site Scripting vulnerability in Joomunited WP Latest Posts The wp-latest-posts plugin before 3.7.5 for WordPress has XSS. | 6.1 |