KLA10481
Multiple vulnerabilities in WordPress SEO plugin
Updated: 06/18/2020
Detect date
?
03/17/2015
Severity
?
High
Description

Multiple CSRF and SQL injection vulnerabilities were found in WordPress SEO plugin. These vulnerabilities can be exploited remotely via vectors related to wpseo_bulk-editor page.

Affected products

Wordpress SEO plugin versions earlier than 1.5.7
Wordpress SEO plugin 1.6 versions earlier than 1.6.4
Wordpress SEO plugin 1.7 versions earlier than 1.7.4

Solution

Update to latest version!
Get WordPress SEO plugin

Original advisories

Plugin changelog

Impacts
?
ACE 
[?]

SB 
[?]
Related products
WordPress SEO plugin
CVE-IDS
?
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/36413