CVE-2015-0902
Semper Fi All in One SEO Pack < 2.2.5.1 - Exposure of Sensitive Information via Meta Description Field
Title source: llmDescription
The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.
References (3)
Core 3
Core References
Vendor Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN75615300/index.html
Vendor Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000046
Patch, Vendor Advisory x_refsource_confirm
http://semperfiwebdesign.com/blog/all-in-one-seo-pack/all-in-one-seo-pack-release-history/
Scores
EPSS
0.0303
EPSS Percentile
85.9%
Details
CWE
CWE-200
Status
published
Products (1)
semperfiwebdesign/all_in_one_seo_pack
< 2.2.5.1
Published
Apr 03, 2015
Tracked Since
Feb 18, 2026