How it works Pricing

Vulnerabilities

WordPress Plugins Themes Stats Submit vulnerabilities

For developers

Status API details CLI scanner

WordPress Plugin Vulnerabilities

All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic

2022-09-05

All in One SEO < 4.2.4 - Multiple CSRF

Fixed in version 4.2.4

2021-12-14

All In One SEO < 4.1.5.3 - Authenticated SQL Injection

Fixed in version 4.1.5.3

2021-12-14

All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation

Fixed in version 4.1.5.3

2021-05-09

All in One SEO Pack < 4.1.0.2 - Admin RCE via unserialize

Fixed in version 4.1.0.2

2020-07-16

All in One SEO Pack < 3.6.2 - Authenticated Stored Cross-Site Scripting

Fixed in version 3.6.2

2019-10-16

All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)

Fixed in version 3.2.7

2018-12-04

All in One SEO Pack <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting (XSS)

Fixed in version 2.10

2016-07-13

All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting (XSS)

Fixed in version 2.3.8

2016-07-10

All in One SEO Pack <= 2.3.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS)

Fixed in version 2.3.7

2015-04-20

All in One SEO Pack <= 2.2.6.1 - Cross-Site Scripting (XSS)

Fixed in version 2.2.6.2

2015-03-31

All in One SEO Pack <= 2.2.5.1 - Information Disclosure

Fixed in version 2.2.6

2014-08-01

All in One SEO Pack <= 2.1.5 - aioseop_functions.php new_meta Parameter XSS

Fixed in version 2.1.6

2014-08-01

All in One SEO Pack <= 2.1.5 - Unspecified Privilege Escalation

Fixed in version 2.1.6

2014-08-01

All in One SEO Pack <= 2.0.3 - XSS

Fixed in version 2.0.3.1