CyberSec.Space Logo
CVEブラウザに戻る

CVE-2015-0902

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1860%
EPSS Percentile15.61th
Published2015年4月3日
Last Modified2026年5月6日

Vulnerability Description

The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.

Affected Platforms (CPE)

📦
Semperfiwebdesign

All In One Seo Pack

<= 2.2.5.1

References & Advisories

🔗 http://jvn.jp/en/jp/JVN75615300/index.html
🔗 http://jvndb.jvn.jp/jvndb/JVNDB-2015-000046
🔗 http://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
🔗 http://jvn.jp/en/jp/JVN75615300/index.html
🔗 http://jvndb.jvn.jp/jvndb/JVNDB-2015-000046
🔗 http://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/

関連する脆弱性情報

CVE-2013-59886.1

A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search pa...

CVE-2019-165205.4

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper e...

CVE-2020-359465.4

An issue was discovered in the All in One SEO Pack plugin before 3.6.2 for WordPress. The SEO Description and Title fields are vul...

CVE-2015-304810.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to ex...