Approved changes feed: RSS · Atom

cpe:2.3:a:joomunited:wp_meta_seo:-:*:*:*:*:wordpress:*:*

part: a version: - update: *

VendorJoomunited (ac4800e3-8d14-52d4-a07b-f57bf4934a04)
ProductWp Meta Seo (129e555e-353f-512c-a875-651adfae960b)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/wp-plugins/wp-meta-seo purl2cpe 2026-06-01 10:11:30.915673

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-6962 vulnerable 2026-06-08 06:21:56.479922 WP Meta SEO <= 4.5.12 - Information Exposure via Meta Description
MEDIUM (5.3)
The WP Meta SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.12 via the meta description. This makes it possible for unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts.
Published: 2024-05-02T16:51:41.692Z
Updated: 2026-04-08T16:32:48.990Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-6961 vulnerable 2026-06-08 06:21:56.476394 WP Meta SEO <= 4.5.12 - Unauthenticated Stored Cross-Site Scripting via Referer header
HIGH (7.2)
The WP Meta SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Referer’ header in all versions up to, and including, 4.5.12 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-05-02T16:52:39.223Z
Updated: 2026-04-08T17:23:18.653Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.