Approved changes feed: RSS · Atom

cpe:2.3:a:joomunited:wp_meta_seo:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorJoomunited (ac4800e3-8d14-52d4-a07b-f57bf4934a04)
ProductWp Meta Seo (129e555e-353f-512c-a875-651adfae960b)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-45456 vulnerable 2026-06-08 06:48:06.289373 WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through <= 4.5.13.
Published: 2024-09-15T07:47:02.241Z
Updated: 2026-04-28T16:10:17.747Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-45455 vulnerable 2026-06-08 06:48:06.288888 WordPress WP Meta SEO plugin <= 4.5.13 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO wp-meta-seo allows Stored XSS.This issue affects WP Meta SEO: from n/a through <= 4.5.13.
Published: 2024-09-15T07:52:41.232Z
Updated: 2026-04-28T16:10:17.940Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6962 vulnerable 2026-06-08 06:21:56.480187 WP Meta SEO <= 4.5.12 - Information Exposure via Meta Description
MEDIUM (5.3)
The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts.
Published: 2024-05-02T16:51:41.692Z
Updated: 2026-04-08T16:32:48.990Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6961 vulnerable 2026-06-08 06:21:56.479281 WP Meta SEO <= 4.5.12 - Unauthenticated Stored Cross-Site Scripting via Referer header
HIGH (7.2)
The WP Meta SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Referer’ header in all versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-05-02T16:52:39.223Z
Updated: 2026-04-08T17:23:18.653Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1381 vulnerable 2026-06-08 05:52:35.732168 WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before attempting to manipulate the image files, leading to a PHAR deserialization vulnerability. Furthermore, the plugin contains a gadget chain which may be used in certain configurations to achieve remote code execution.
Published: 2023-04-10T14:14:39.985Z
Updated: 2025-02-11T17:21:25.629Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1029 vulnerable 2026-06-08 05:52:33.661676 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1028 vulnerable 2026-06-08 05:52:33.661125 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1027 vulnerable 2026-06-08 05:52:33.660603 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1026 vulnerable 2026-06-08 05:52:33.659928 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1024 vulnerable 2026-06-08 05:52:33.655825 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1023 vulnerable 2026-06-08 05:52:33.655203 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-1022 vulnerable 2026-06-08 05:52:33.654598 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-0876 vulnerable 2026-06-08 05:52:33.365861 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-0875 vulnerable 2026-06-08 05:52:33.365331 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-30337 vulnerable 2026-06-08 05:43:37.973693 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1093 vulnerable 2026-06-08 05:39:12.155785 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.