The SEOPress plugin for WordPress has a security vulnerability that allows attackers to insert harmful web scripts into pages. This can happen because the plugin does not properly clean up the information entered into the image alt parameter. As a result, anyone with author access or higher can exploit this vulnerability to run their own scripts on pages that other users visit.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
