Vulnerabilities > Seopress

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-22	CVE-2023-6290	Cross-site Scripting vulnerability in Seopress The SEOPress WordPress plugin before 7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed network low complexity seopress CWE-79	4.8
2023-05-02	CVE-2023-1669	Unspecified vulnerability in Seopress The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. network low complexity seopress	7.2
2021-08-16	CVE-2021-34641	Cross-site Scripting vulnerability in Seopress The SEOPress WordPress plugin is vulnerable to Stored Cross-Site-Scripting via the processPut function found in the ~/src/Actions/Api/TitleDescriptionMeta.php file which allows authenticated attackers to inject arbitrary web scripts, in versions 5.0.0 - 5.0.3. network seopress CWE-79	3.5

Vulnerabilities > Seopress {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Seopress"}]}