CVE-2023-1027 — Missing Authorization in WP Meta SEO

CWE-862 — Missing Authorization CWE-843 — Type Confusion6 documents6 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 60.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Joomunited WP Meta SEO

Timeline

PublishedFeb 28

Latest updateDec 24

Description

The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitemap function in versions up to, and including, 4.5.3. This makes it possible for authenticated attackers with subscriber-level access to obtain post categories. This vulnerability occurred as a result of the plugin relying on nonce checks as a means of access control, and that nonce being accessible to all authenticated users regardless of role.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5joomunited/wp_meta_seo4.5.3

▶NVDjoomunited/wp_meta_seo4.5.3

Patches

Patch: plugins.trac.wordpress.org ↗Patch: plugins.trac.wordpress.org ↗Patch: plugins.trac.wordpress.org ↗

🔴Vulnerability Details

OSV

kheaders: Use array declaration instead of char↗2025-12-24

▶

CVEList

WP Meta SEO <= 4.5.3 - Missing Authorization in 'checkAllCategoryInSitemap'↗2023-02-28

▶

GHSA

GHSA-6qcj-7675-pvc9: The WP Meta SEO plugin for WordPress is vulnerable to unauthorized sitemap generation due to a missing capability check on the checkAllCategoryInSitem↗2023-02-28

▶

📋Vendor Advisories

Red Hat

kernel: kheaders: Use array declaration instead of char↗2025-12-24

▶