WP Clinic
Log in Sign up

PLUGIN SECURITY

Is Wp Seopress safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the Wp Seopress WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: wp-seopress
  • Requires PHP: 7.4+
  • Max supported PHP (analyzed): <8.0

Known vulnerabilities

  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] >= 5.0.0 - <= 5.0.3 [CVE-2021-34641, WordPress SEOPress, on-site SEO plugin 5.0.0 – 5.0.3 - Stored Cross-Site Scripting (XSS) vulnerability via REST-API, SEOPress 5.0.0 - 5.0.3 - Stored Cross-Site Scripting, SEOPress 5.0.0 &ndash; 5.0.3 - Authenticated Stored Cross-Site Scripting]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 6.5.0.3 [SEOPress <= 6.5.0.2 - Authenticated (Administrator+) PHP Object Injection]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 6.5.0.3 [WordPress SEOPress Plugin <= 6.5.0.2 is vulnerable to PHP Object Injection]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 6.5.0.3 [CVE-2023-1669, SEOPress &lt; 6.5.0.3 - Admin+ PHP Object Injection]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.3 [CVE-2023-6290, SEOPress – On-site SEO <= 7.2 - Authenticated (Admin+) Stored Cross-Site Scripting, WP SEO Press &lt; 7.3 - Admin+ Stored XSS]
+ 11 more known vulnerabilities
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.6 [CVE-2024-2165, SEOPress – On-site SEO <= 7.5.2.1 - Authenticated (Author+) Stored Cross-Site Scripting, WordPress SEOPress Plugin <= 7.5.2.1 is vulnerable to Cross Site Scripting (XSS), SEOPress &ndash; On-site SEO &lt; 7.6 - Author+ Stored Cross-Site Scripting]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.7 [CVE-2024-34383, WordPress SEOPress Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR), SEOPress <= 7.6.1 - Information Exposure]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.6 [CVE-2024-1134, SEOPress – On-site SEO <= 7.5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.8 [CVE-2024-4899, SEOPress <= 7.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting, WordPress SEOPress Plugin < 7.8 is vulnerable to Cross Site Scripting (XSS)]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.8 [CVE-2024-4900, SEOPress <= 7.7.2 - Authenticated (Contributor+) Open Redirect, WordPress SEOPress Plugin < 7.8 is vulnerable to Open Redirection]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.9.1 [CVE-2024-1168, SEOPress – On-site SEO <= 7.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Social Image URL, WordPress SEOPress Plugin <= 7.9 is vulnerable to Cross Site Scripting (XSS)]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 7.9 [CVE-2024-5488, WordPress SEOPress Plugin < 7.9 is vulnerable to PHP Object Injection, SEOPress <= 7.8 - Unauthenticated PHP Object Injection]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 8.2 [CVE-2024-9225, SEOPress – On-site SEO <= 8.1.1 - Reflected Cross-Site Scripting, WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Cross Site Scripting (XSS)]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 8.2 [CVE-2024-50454, WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Broken Access Control, SEOPress <= 8.1.1 - Missing Authorization]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 8.2 [CVE-2024-50456, WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Broken Access Control, SEOPress <= 8.1.1 - Missing Authorization]
  • SEOPress &#8211; AI SEO Plugin &amp; On-site SEO [wp-seopress] < 8.2 [CVE-2024-50455, WordPress SEOPress Plugin <= 8.1.1 is vulnerable to Broken Access Control, SEOPress <= 8.1.1 - Missing Authorization]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.