Medium 4.3
2024-03-29< 5.2.7
CVE-2024-30468
All-In-One Security (AIOS) – Security and Firewall
Minimum safe version
5.2.7
Update to 5.2.7 or later to address 43 fixable vulnerabilities
Latest available5.4.7 ✓
N/A
2024-02-08< 5.2.7
All In One WP Security <= 5.2.6 - Cross-Site Request Forgery to IP Blocking
Medium 6.1
2024-02-07< 5.2.6
CVE-2024-1037
Low 3.7
2024-12-28< 5.2.5
WordPress All In One WP Security & Firewall Plugin <= 5.2.4 is vulnerable to Bypass Vulnerability
N/A
2023-10-25< 5.2.5
All In One WP Security <= 5.2.4 - Protection Bypass of Renamed Login Page via URL Encoding
N/A
< 5.2.0
All-In-One Security (AIOS) – Security and Firewall < 5.2.0 - Insecure Storage of Password
N/A
2023-07-12< 5.2.0
WordPress All In One WP Security & Firewall Plugin 5.1.9 is vulnerable to Sensitive Data Exposure
N/A
2023-07-11< 5.2.0
All In One WP Security 5.1.9 - Plaintext Storage of Credentials
Medium 4.8
2023-04-11< 5.1.5
WordPress All In One WP Security & Firewall Plugin < 5.1.5 is vulnerable to Cross Site Scripting (XSS)
Medium 4.9
2023-04-10< 5.1.5
CVE-2023-0156
N/A
2023-02-15< 5.1.5
WordPress All In One WP Security & Firewall Plugin <= 5.1.4 is vulnerable to Directory Traversal
N/A
2023-02-14< 5.1.5
All-In-One Security (AIOS) <= 5.1.4 - Authenticated(Admin+) Directory Traversal
N/A
2016-07-31< 4.1.3
All In One WP Security & Firewall <= 4.1.2 - Captcha Bypass
Medium 5.3
2023-01-23< 5.1.3
CVE-2022-4346
N/A
2020-09-08< 4.4.4
All In One WP Security & Firewall <= 4.4.3 - Reflected Cross-Site Scripting
N/A
2022-09-30< 5.0.8
All In One WP Security & Firewall 5.0.0 - 5.0.7 - Protection Bypass via IP Spoofing
N/A
2022-11-17< 5.1.1
All In One WP Security & Firewall <= 5.1.0 - Cross-Site Request Forgery
N/A
2022-12-09< 5.1.3
All-In-One Security <= 5.1.2 - Information Disclosure
Medium 5.3
2022-12-12< 5.0.8
CVE-2022-4097
Medium 6.5
2022-11-22< 5.1.1
CVE-2022-44737
N/A
< 4.1.3
All In One WP Security & Firewall <= 4.1.2 - Multiple vulnerabilities in login CAPTCHA
N/A
< 4.2.2
All In One WP Security & Firewall <= 4.2.1 - Cross-Site Scripting (XSS)
N/A
< 4.4.2
All In One WP Security & Firewall <= 4.4.1 - Open Redirect & Hidden Login Page Exposure
N/A
< 4.4.4
All In One WP Security & Firewall < 4.4.4 - CSRF & XSS
N/A
2015-04-08< 3.9.1
WordPress All In One WP Security & Firewall Plugin 3.9.0 - SQL Injection
N/A
2014-10-02< 3.8.4
WordPress All In One WP Firewall Plugin 3.8.3 - Persistent XSS
N/A
2015-08-13< 3.9.8
WordPress All In One WP Security & Firewall Plugin <= 3.9.7 - XSS
N/A
2016-07-31< 4.1.3
WordPress All In One WP Security & Firewall Plugin <= 4.1.2 - Multiple Vulnerabilities
N/A
2016-12-14< 4.2.2
WordPress All In One WP Security & Firewall <= 4.2.1 - Cross Site Scripting
N/A
2020-09-09< 4.4.4
WordPress All In One WP Security & Firewall plugin <= 4.4.3 - Reflected Cross-Site Scripting (XSS) vulnerability
Medium 4.7
2025-10-03< 4.4.11
CVE-2021-25102
N/A
2014-10-02< 3.8.3
CVE-2014-6242
N/A
2015-03-07< 3.9.0
CVE-2015-0895
N/A
2015-03-07< 3.8.8
CVE-2015-0894
Medium 6.1
2019-08-13< 4.0.5
CVE-2016-10868
Medium 6.1
2019-08-13< 4.0.6
CVE-2016-10867
Medium 6.1
2019-08-13< 4.2.0
CVE-2016-10866
Medium 6.1
2019-08-13< 3.9.5
CVE-2015-9294
Medium 6.1
2019-08-13< 3.9.8
CVE-2015-9293
Critical 9.8
2019-08-14< 3.9.1
CVE-2015-9310
Critical 9.8
2019-08-14< 4.0.7
CVE-2016-10888
Critical 9.8
2019-08-14< 4.0.9
CVE-2016-10887
Medium 6.1
2021-02-11< 4.4.6
WordPress All In One WP Security & Firewall plugin <= 4.4.5 - Authenticated Cross-Site Scripting (XSS) vulnerability