CVE-2015-0902

Semper Fi All in One SEO Pack < 2.2.5.1 - Exposure of Sensitive Information via Meta Description Field

Title source: llm
STIX 2.1

Description

The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence of password protection during generation of the Meta Description field, which allows remote attackers to obtain sensitive information by reading HTML source code.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN75615300/index.html
Vendor Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000046

Scores

EPSS 0.0303
EPSS Percentile 85.9%

Details

CWE
CWE-200
Status published
Products (1)
semperfiwebdesign/all_in_one_seo_pack < 2.2.5.1
Published Apr 03, 2015
Tracked Since Feb 18, 2026