CVE-2023-0585

The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Administrator role or above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
WordfenceCNA
4.4 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
aioseoall_in_one_seo
𝑥
≤ 4.2.9
𝑥
= Vulnerable software versions
References
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L624
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L625
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L665
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L666
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2859011%40all-in-one-seo-pack%2Ftrunk&old=2847431%40all-in-one-seo-pack%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/3db97180-9308-4891-9de9-acefe31d088f
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L624
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L625
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L665
https://plugins.trac.wordpress.org/browser/all-in-one-seo-pack/tags/4.2.9/app/Common/Main/Updates.php?v=2829340#L666
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2859011%40all-in-one-seo-pack%2Ftrunk&old=2847431%40all-in-one-seo-pack%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/3db97180-9308-4891-9de9-acefe31d088f