Medium 5.4
2025-09-22< 4.8.7.2
All In One SEO Pack <= 4.8.7.1 - Missing Authorization
All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic
Minimum safe version
4.9.3
Update to 4.9.3 or later to address 38 fixable vulnerabilities
Latest available4.9.6.2 ✓
Medium 4.3
2025-09-22< 4.8.7.2
All In One SEO Pack <= 4.8.7.1 - Authenticated (Contributor+) Sensitive Information Exposure
Medium 4.3
2026-01-16< 4.9.3
CVE-2025-14384
Medium 6.5
2025-12-18< 4.8.7
CVE-2025-64295
High 8.5
2025-12-16< 4.9.1.1
CVE-2025-67950
Medium 4.3
2025-11-15< 4.9.0
CVE-2025-12847
Medium 6.4
2025-05-19< 4.8.2
WordPress All In One SEO Pack Plugin <= 4.8.1.1 is vulnerable to Cross Site Scripting (XSS)
Medium 6.1
2024-05-20< 4.6.1.1
CVE-2024-3368
Medium 5.4
2024-05-02< 4.6.1.1
CVE-2024-3554
Medium 4.8
2023-02-27< 4.3.0
WordPress All In One SEO Pack Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS)
Medium 5.4
2023-02-27< 4.3.0
WordPress All In One SEO Pack Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS)
N/A
2014-05-31< 2.1.6
All in One SEO <= 2.1.5 - Missing Authorization
N/A
2014-05-31< 2.1.6
All in One SEO <= 2.1.5 - Cross-Site Scripting
N/A
2014-05-31< 2.2.5
All in One SEO <= 2.2.4.1 - Privilege Escalation to Arbitrary Post Modification
N/A
2015-04-20< 2.2.6.2
All in One SEO <= 2.2.6.1 - Reflected Cross-Site Scripting
N/A
2016-07-01< 2.3.7
All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 2.3.6 - Stored Cross-Site Scripting
N/A
2016-07-13< 2.3.8
All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting
N/A
2018-10-18< 2.10
All in One SEO <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting
N/A
< 2.1.6
All in One SEO Pack <= 2.1.5 - Unspecified Privilege Escalation
N/A
< 2.1.6
All in One SEO Pack <= 2.1.5 - aioseop_functions.php new_meta Parameter XSS
N/A
< 2.2.6.2
wpscan.com
N/A
< 2.3.7
All in One SEO Pack <= 2.3.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS)
N/A
< 2.3.8
All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting (XSS)
N/A
< 2.10
All in One SEO Pack <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting (XSS)
Medium 5.4
2022-09-09< 4.2.4
CVE-2022-38093
N/A
2015-05-15< 2.1.6
WordPress All in One SEO Pack Plugin <= 2.1.5 - Privilege Escalation
N/A
2015-05-15< 2.1.6
WordPress All in One SEO Pack Plugin <= 2.1.5 - Cross Site Scripting
N/A
2015-09-09< 2.2.6.2
WordPress All in One SEO Pack Plugin <= 2.2.6.1 - Cross Site Scripting
N/A
2016-07-11< 2.3.6.2
WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS
N/A
2016-07-19< 2.3.8
WordPress All in One SEO Pack Plugin <= 2.3.7 - Cross Site Scripting
N/A
2016-07-19< 2.3.7
WordPress All in One SEO Pack Plugin <= 2.3.6.1 - Stored Cross Site Scripting
N/A
2015-04-03< 2.2.6
CVE-2015-0902
Medium 5.4
2019-10-16< 3.2.7
CVE-2019-16520
Medium 6.1
2020-02-11< 2.0.3.1
CVE-2013-5988
Medium 5.4
2021-01-01< 3.6.2
CVE-2020-35946
High 8.8
2021-05-24< 4.1.0.2
CVE-2021-24307
Medium 6.5
2022-01-17< 4.1.5.3
CVE-2021-25037
High 8.8
2022-01-17< 4.1.5.3
CVE-2021-25036