Vulnerabilities > Joomunited
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2023-1026 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1027 | Missing Authorization vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1028 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-24 | CVE-2023-1029 | Cross-Site Request Forgery (CSRF) vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |
| 2022-05-23 | CVE-2022-1093 | Cross-site Scripting vulnerability in Joomunited WP Meta SEO The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed. | 3.5 |
| 2019-08-20 | CVE-2016-10913 | Cross-site Scripting vulnerability in Joomunited WP Latest Posts The wp-latest-posts plugin before 3.7.5 for WordPress has XSS. | 4.3 |