WordPress Plugins Themes API Submit Login Register

Affects Plugin

All in One SEO Pack fixed in version 2.3.8

References

URL	https://web.archive.org/web/20161019215603/https://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
URL	https://www.wordfence.com/blog/2016/07/new-xss-vulnerability-all-in-one-seo-pack/
URL	https://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/

Classification

Type	XSS
OWASP Top 10	A7: Cross-Site Scripting (XSS)
CWE	CWE-79

Miscellaneous

Original Researcher	Panagiotis Vagenas of Wordfence
Submitter	ethicalhack3r
Submitter Website	https://dewhurstsecurity.com/
Submitter Twitter	ethicalhack3r
Views	5885
Verified	No
WPVDB ID	8558

Timeline

Publicly Published	2016-07-13 (about 4 years ago)
Added	2016-07-19 (almost 4 years ago)
Last Updated	2020-04-13 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner	WPScan WordPress Security Plugin