CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1168 – SEOPress – On-site SEO <= 7.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Social Image URL
https://notcve.org/view.php?id=CVE-2024-1168
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's social image URL in all versions up to, and including, 7.9 due to insufficient input sanitization and output escaping on user supplied image URLs. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento SEOPress – On-site SEO para WordPress es vulnerable a Cross-Site Scripting Almacenado a través de la URL de la imagen social del complemento en todas las versiones hasta la 7.9 incluida debido a una sanitización de entrada insuficiente y a un escape de salida en las URL de imágenes proporcionadas por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://wordpress.org/plugins/wp-seopress/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/c446f429-1981-4d6d-a5ec-a5837428d212?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5488 – SEOPress < 7.9 - Unauthenticated Object Injection
https://notcve.org/view.php?id=CVE-2024-5488
The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present. El complemento SEOPress WordPress anterior a 7.9 no protege adecuadamente algunas de sus rutas API REST, lo que combinado con otra vulnerabilidad de inyección de objetos puede permitir a atacantes no autenticados deserializar cadenas de dispositivos maliciosos, comprometiendo el sitio si hay una cadena adecuada presente. The SEOPress – On-site SEO plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 7.8 via deserialization of untrusted input from the 'title' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. • https://wpscan.com/vulnerability/28507376-ded0-4e1a-b2fc-2182895aa14c • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4900 – SEOPress < 7.8 - Contributor+ Open Redirect
https://notcve.org/view.php?id=CVE-2024-4900
The SEOPress WordPress plugin before 7.8 does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post El complemento SEOPress WordPress anterior a 7.8 no valida ni escapa a una de sus configuraciones de publicación, lo que podría permitir que el colaborador y el rol superior realicen ataques de redireccionamiento abierto contra cualquier usuario que vea una publicación maliciosa. The SEOPress – On-site SEO plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 7.7.2. This is due to insufficient validation on the social post settings. This makes it possible for an authenticated attacker, with contributor-level access and above, to redirect users to potentially malicious sites if they can successfully trick them into performing an action. • https://wpscan.com/vulnerability/a56ad272-e2ed-4064-9b5d-114a834dd8b3 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4899 – SEOPress < 7.8 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2024-4899
The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks. El complemento SEOPress WordPress anterior a 7.8 no sanitiza ni escapa a algunas de sus configuraciones de publicación, lo que podría permitir a usuarios con altos privilegios, como los contribuyentes, realizar ataques de Cross-Site Scripting Almacenado. The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the SEO Title field parameter in all versions up to, and including, 7.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://wpscan.com/vulnerability/15346ae9-9a29-4968-a6a9-81d1116ac448 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6290 – WP SEO Press < 7.3 - Admin+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-6290
The SEOPress WordPress plugin before 7.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El complemento SEOPress de WordPress anterior a 7.3 no sanitiza ni escapa a algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, realizar ataques de Cross-Site Scripting incluso cuando unfiltered_html no está permitido. The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. • https://wpscan.com/vulnerability/78a13958-cd12-4ea8-b326-1e3184da970b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •