Vulnerabilities and security researches formetasync metasync
Direction: ascendingOct 03, 2024
Search Atlas SEO – Best SEO Plugin for One-Click WP Publishing & Integrated AI Optimization # CVE-2024-47387
- CVE, Research URL
- Home page URL
- Application
- Date
- Oct 05, 2024
- Research Description
- Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LinkGraph Search Atlas SEO allows Stored XSS.This issue affects Search Atlas SEO: from n/a through 1.8.2.
- Affected versions
-
max 1.8.3.
- Status
-
vulnerable
Oct 11, 2025
Search Atlas SEO – Best SEO Plugin for One-Click WP Publishing & Integrated AI Optimization # CVE-2025-58019
- CVE, Research URL
- Home page URL
- Application
- Date
- Sep 23, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Search Atlas Search Atlas SEO allows Stored XSS. This issue affects Search Atlas SEO: from n/a through 2.5.4.
- Affected versions
-
max 2.5.5.
- Status
-
vulnerable
Feb 27, 2026
Search Atlas SEO – Best SEO Plugin for One-Click WP Publishing & Integrated AI Optimization # CVE-2025-14386
- CVE, Research URL
- Home page URL
- Application
- Date
- Jan 28, 2026
- Research Description
- The Search Atlas SEO – Premier SEO Plugin for One-Click WP Publishing & Integrated AI Optimization plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the 'generate_sso_url' and 'validate_sso_token' functions in versions 2.4.4 to 2.5.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract the 'nonce_token' authentication value to log in to the first Administrator's account.
- Affected versions
-
max 2.4.4.
- Status
-
vulnerable