The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-01-17T13:00:36

Updated: 2024-08-03T19:49:14.558Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-25037

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-01-17T13:15:07.910

Modified: 2022-01-24T15:12:22.677

Link: CVE-2021-25037

cve-icon Redhat

No data.