Wp Seopress
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50454 | Med | 0.34 | 5.3 | 0.00 | Oct 29, 2024 | Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through <= 8.1.1. | ||
| CVE-2024-34383 | Med | 0.34 | 5.3 | 0.01 | May 6, 2024 | Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1. | ||
| CVE-2023-1669 | 0.00 | — | 0.19 | May 2, 2023 | The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present. |
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through <= 8.1.1.
- risk 0.34cvss 5.3epss 0.01
Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1.
- CVE-2023-1669May 2, 2023risk 0.00cvss —epss 0.19
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.