cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12176,https://securityvulnerability.io/vulnerability/CVE-2024-12176,Unauthorized Access Flaw in WordLift Schema Plugin for WordPress,"The WordLift plugin, designed to enhance SEO through AI-driven schema features on WordPress, has a security flaw that allows unauthorized users to gain access to sensitive settings. This vulnerability is due to inadequate capability checks on the 'wl_config_plugin' AJAX action. As a result, unauthenticated attackers can manipulate the plugin's configuration, posing risks to website integrity and security. Users should update to the latest version to safeguard against potential exploitation.",Wordpress,Wordlift – Ai Powered Seo – Schema,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,false,false,false,2025-01-07T04:22:19.089Z,0
CVE-2022-3069,https://securityvulnerability.io/vulnerability/CVE-2022-3069,Wordlift < 3.37.2 - Admin+ Stored Cross-Site Scripting,"The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.",Wordpress,Wordlift – Ai Powered Seo – Schema,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-09-26T12:35:39.000Z,0