Approved changes feed: RSS · Atom

cpe:2.3:a:joomunited:wp_meta_seo:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorJoomunited (ac4800e3-8d14-52d4-a07b-f57bf4934a04)
ProductWp Meta Seo (129e555e-353f-512c-a875-651adfae960b)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/wp-meta-seo purl2cpe 2026-06-01 10:11:30.915514

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-45456 vulnerable 2026-06-08 06:48:06.289331 WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through <= 4.5.13.
Published: 2024-09-15T07:47:02.241Z
Updated: 2026-04-28T16:10:17.747Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-45455 vulnerable 2026-06-08 06:48:06.287749 WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through <= 4.5.13.
Published: 2024-09-15T07:52:41.232Z
Updated: 2026-04-28T16:10:17.940Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6962 vulnerable 2026-06-08 06:21:56.480064 WP Meta SEO <= 4.5.12 - Information Exposure via Meta Description
MEDIUM (5.3)
The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts.
Published: 2024-05-02T16:51:41.692Z
Updated: 2026-04-08T16:32:48.990Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6961 vulnerable 2026-06-08 06:21:56.477730 WP Meta SEO <= 4.5.12 - Unauthenticated Stored Cross-Site Scripting via Referer header
HIGH (7.2)
The WP Meta SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Referer’ header in all versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-05-02T16:52:39.223Z
Updated: 2026-04-08T17:23:18.653Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1029 vulnerable 2026-06-08 05:52:33.661542 WP Meta SEO <= 4.5.3 - Cross-Site Request Forgery via 'regenerateSitemaps'
MEDIUM (4.3)
The WP Meta SEO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the regenerateSitemaps function. This makes it possible for unauthenticated attackers to regenerate Sitemaps via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Published: 2023-02-24T19:25:31.865Z
Updated: 2026-04-08T17:01:28.629Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1028 vulnerable 2026-06-08 05:52:33.661093 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1027 vulnerable 2026-06-08 05:52:33.660484 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1026 vulnerable 2026-06-08 05:52:33.659775 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1024 vulnerable 2026-06-08 05:52:33.655719 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1023 vulnerable 2026-06-08 05:52:33.655067 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1022 vulnerable 2026-06-08 05:52:33.654455 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.