KLA10481
Multiple vulnerabilities in WordPress SEO plugin

Updated: 06/18/2020

Detect date ?	03/17/2015
Severity ?	High
Description	Multiple CSRF and SQL injection vulnerabilities were found in WordPress SEO plugin. These vulnerabilities can be exploited remotely via vectors related to wpseo_bulk-editor page.
Affected products	Wordpress SEO plugin versions earlier than 1.5.7 Wordpress SEO plugin 1.6 versions earlier than 1.6.4 Wordpress SEO plugin 1.7 versions earlier than 1.7.4
Solution	Update to latest version! Get WordPress SEO plugin
Original advisories	Plugin changelog
Impacts ?	ACE [?] SB [?]
Related products	WordPress SEO plugin
CVE-IDS ?	CVE-2015-22936.8High CVE-2015-22926.5High
Exploitation	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/36413
	Find out the statistics of the vulnerabilities spreading in your region

KLA10481Multiple vulnerabilities in WordPress SEO plugin