Unrated severityNVD Advisory· Published Apr 3, 2015· Updated May 6, 2026

CVE-2015-0902

Description

The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.

Affected products

Semperfiwebdesign/All In One Seo Pack
cpe:2.3:a:semperfiwebdesign:all_in_one_seo_pack:*:*:*:*:*:wordpress:*:*
Range: <=2.2.5.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/nvdPatchVendor Advisory
jvn.jp/en/jp/JVN75615300/index.htmlnvdVendor Advisory
jvndb.jvn.jp/jvndb/JVNDB-2015-000046nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000