Vulnerabilities > Seopanel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-18 | CVE-2021-28417 | Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0 A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter. | 4.8 |
| 2021-01-01 | CVE-2021-3002 | Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0 Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?sec=forgot email parameter. | 6.1 |
| 2020-12-31 | CVE-2020-35930 | Cross-site Scripting vulnerability in Seopanel SEO Panel 4.8.0 Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI. | 5.4 |
| 2020-03-02 | CVE-2018-14384 | Cross-site Scripting vulnerability in Seopanel SEO Panel The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter. | 4.8 |
| 2017-08-29 | CVE-2017-10838 | Cross-site Scripting vulnerability in Seopanel SEO Panel Cross-site scripting vulnerability in SEO Panel prior to version 3.11.0 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |