CVE-2024-3679

MEDIUM

Premium SEO Pack - WP SEO Plugin <= 1.6.002 - Unauthenticated Sensitive Information Exposure via Social Meta Data

Title source: llm

Description

The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.002. This makes it possible for unauthenticated attackers to view limited information from password protected posts through the social meta data.

References (2)

Core 2

Core References

Product

https://wordpress.org/plugins/premium-seo-pack/

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/ccb65de5-bfb5-47db-87c9-ad46e65924b8?source=cve

Scores

CVSS v3 5.3

EPSS 0.0041

EPSS Percentile 32.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (2)

calinvingan/Premium SEO Pack – WP SEO Plugin < 1.6.002

squirrly/wp_seo_plugin < 1.6.001

Published Aug 29, 2024

Tracked Since Feb 18, 2026