Vulnerabilities > Joomunited

DATE CVE VULNERABILITY TITLE RISK
2023-02-28 CVE-2023-1026 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3.
network
low complexity
joomunited
4.3
2023-02-28 CVE-2023-1027 Missing Authorization vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3.
network
low complexity
joomunited CWE-862
4.3
2023-02-28 CVE-2023-1028 Unspecified vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3.
network
low complexity
joomunited
4.3
2023-02-24 CVE-2023-1029 Cross-Site Request Forgery (CSRF) vulnerability in Joomunited WP Meta SEO
The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3.
network
low complexity
joomunited CWE-352
4.3
2022-05-23 CVE-2022-1093 Cross-site Scripting vulnerability in Joomunited WP Meta SEO
The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed.
network
joomunited CWE-79
3.5
2019-08-20 CVE-2016-10913 Cross-site Scripting vulnerability in Joomunited WP Latest Posts
The wp-latest-posts plugin before 3.7.5 for WordPress has XSS.
network
joomunited CWE-79
4.3