Simple Seo

simple_seo

Vendor: Coleds • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-45269 1Coleds 1Simple Seo Jun 17, 2026 Oct 13, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 2.0.25 versions.
CVE-2022-44627 1Coleds 1Simple Seo Jun 17, 2026 Nov 3, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemaps.
CVE-2022-36404 1Coleds 1Simple Seo Jun 17, 2026 Nov 3, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO (WordPress plugin) plugin <= 1.8.12 versions.
CVE-2022-1628 1Coleds 1Simple Seo Jun 17, 2026 Sep 6, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title...Show more The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title parameters. This can be exploited by authenticated users with Contributor and above permissions to inject arbitrary web scripts into posts/pages that execute whenever an administrator access the page.Show less