Vulnerability Details CVE-2021-34632
The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the loc_config function found in the ~/seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- https://plugins.trac.wordpress.org/browser/seo-backlinks/trunk/seo-backlinks.php#L75
- https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34632
- https://plugins.trac.wordpress.org/browser/seo-backlinks/trunk/seo-backlinks.php#L75
- https://www.wordfence.com/vulnerability-advisories/#CVE-2021-34632
Products affected by CVE-2021-34632
-
cpe:2.3:a:seo_backlinks_project:seo_backlinks:-
-
cpe:2.3:a:seo_backlinks_project:seo_backlinks:4.0.1