Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for smart_seo_tool by wbolt
CVE-2021-24976 (GCVE-0-2021-24976)
Vulnerability from nvd – Published: 2022-01-24 08:01 – Updated: 2024-08-03 19:49
VLAI?
Title
Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
Summary
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Smart SEO Tool – SEO优化插件 |
Affected:
3.0.6 , < 3.0.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart SEO Tool \u2013 SEO\u4f18\u5316\u63d2\u4ef6",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.0.6",
"status": "affected",
"version": "3.0.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "lnsmile"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-24T08:01:02.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Smart SEO Tool \u003c 3.0.6 - Reflected Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24976",
"STATE": "PUBLIC",
"TITLE": "Smart SEO Tool \u003c 3.0.6 - Reflected Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart SEO Tool \u2013 SEO\u4f18\u5316\u63d2\u4ef6",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.0.6",
"version_value": "3.0.6"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "lnsmile"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2637305",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24976",
"datePublished": "2022-01-24T08:01:02.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24976 (GCVE-0-2021-24976)
Vulnerability from cvelistv5 – Published: 2022-01-24 08:01 – Updated: 2024-08-03 19:49
VLAI?
Title
Smart SEO Tool < 3.0.6 - Reflected Cross-Site Scripting
Summary
The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting
Severity ?
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Smart SEO Tool – SEO优化插件 |
Affected:
3.0.6 , < 3.0.6
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart SEO Tool \u2013 SEO\u4f18\u5316\u63d2\u4ef6",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.0.6",
"status": "affected",
"version": "3.0.6",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "lnsmile"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-24T08:01:02.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Smart SEO Tool \u003c 3.0.6 - Reflected Cross-Site Scripting",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24976",
"STATE": "PUBLIC",
"TITLE": "Smart SEO Tool \u003c 3.0.6 - Reflected Cross-Site Scripting"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart SEO Tool \u2013 SEO\u4f18\u5316\u63d2\u4ef6",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "3.0.6",
"version_value": "3.0.6"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "lnsmile"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Smart SEO Tool WordPress plugin before 3.0.6 does not sanitise and escape the search parameter before outputting it back in an attribute when the TDK optimisation setting is enabled, leading to a Reflected Cross-Site Scripting"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7d5f58a8-bee4-46be-9c08-d272678338f0"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2637305",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2637305"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24976",
"datePublished": "2022-01-24T08:01:02.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}