Seo Plugin By Squirrly Seo

seo_plugin_by_squirrly_seo

Vendor: Squirrly • 13 CVEs

CVEs (13)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-22783 1Squirrly 1Seo Plugin By Squirrly Seo Apr 23, 2026 Mar 27, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo allows SQL Injection.This issue affects SEO Plugin by Squirrly SE...Show more Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo allows SQL Injection.This issue affects SEO Plugin by Squirrly SEO: from n/a through <= 12.4.03.Show less
CVE-2025-1768 1Squirrly 1Seo Plugin By Squirrly Seo Apr 9, 2025 Mar 7, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to blind SQL Injection via the 'search' parameter in all versions up to, and including, 12.4.05 due to insufficient escaping on the user supplied paramete...Show more The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to blind SQL Injection via the 'search' parameter in all versions up to, and including, 12.4.05 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.Show less
CVE-2025-24654 1Squirrly 1Seo Plugin By Squirrly Seo Apr 23, 2026 Mar 3, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO squirrly-seo.This issue affects SEO Plugin by Squirrly SEO: from n/a through <= 12.4.07.
CVE-2024-10515 1Squirrly 1Seo Plugin By Squirrly Seo Mar 31, 2025 Nov 20, 2024 N/A· v4 3.5 LOW· v3 N/A· v2 In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which ent...Show more In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoorShow less
CVE-2024-43286 1Squirrly 1Seo Plugin By Squirrly Seo Mar 31, 2025 Aug 18, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.19.
CVE-2024-6497 1Squirrly 1Seo Plugin By Squirrly Seo Apr 8, 2026 Jul 20, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output esc...Show more The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-43286 appears to be a duplicate of this issue.Show less
CVE-2024-29790 1Squirrly 1Seo Plugin By Squirrly Seo Apr 28, 2026 Mar 27, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a throu...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.16.Show less
CVE-2022-44626 1Squirrly 1Seo Plugin By Squirrly Seo Apr 28, 2026 Mar 25, 2024 N/A· v4 6.3 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.1.20.
CVE-2024-0597 1Squirrly 1Seo Plugin By Squirrly Seo Apr 8, 2026 Feb 5, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping....Show more The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to and including 12.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.Show less
CVE-2023-50854 1Squirrly 1Seo Plugin By Squirrly Seo Apr 28, 2026 Dec 28, 2023 N/A· v4 7.2 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a before 2.4.02.
CVE-2022-45065 1Squirrly 1Seo Plugin By Squirrly Seo Nov 21, 2024 May 8, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Squirrly SEO Plugin by Squirrly SEO plugin <= 12.1.20 versions.
CVE-2022-38140 1Squirrly 1Seo Plugin By Squirrly Seo Nov 21, 2024 Nov 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Auth. (contributor+) Arbitrary File Upload in SEO Plugin by Squirrly SEO plugin <= 12.1.10 on WordPress.
CVE-2021-25019 1Squirrly 1Seo Plugin By Squirrly Seo Nov 21, 2024 Mar 21, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The SEO Plugin by Squirrly SEO WordPress plugin before 11.1.12 does not escape the type parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting