The WP Meta SEO WordPress plugin before 4.5.3 does not...
Moderate severity
Unreviewed
Published
Mar 20, 2023
to the GitHub Advisory Database
•
Updated Mar 31, 2023
Description
Published by the National Vulnerability Database
Mar 20, 2023
Published to the GitHub Advisory Database
Mar 20, 2023
Last updated
Mar 31, 2023
The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.
References