Vulnerabilities > Joomunited > WP Meta SEO > 4.0.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-10 | CVE-2023-1381 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. | 8.8 |
| 2023-03-20 | CVE-2023-0875 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users. | 8.8 |
| 2023-03-20 | CVE-2023-0876 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability. | 6.1 |
| 2023-02-28 | CVE-2023-1022 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized options update due to a missing capability check on the wpmsGGSaveInformation function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1023 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the saveSitemapSettings function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1024 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the regenerateSitemaps function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1026 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the listPostsCategory function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1027 | Missing Authorization vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-28 | CVE-2023-1028 | Unspecified vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |
| 2023-02-24 | CVE-2023-1029 | Cross-Site Request Forgery (CSRF) vulnerability in Joomunited WP Meta SEO The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. | 4.3 |