cleantalk
Vulnerabilities and Security Researches

SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer, CVE-2024-3287

CVE, Research URL

CVE-2024-3287

Home page URL

Security reports for SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer

Application

SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer

Published on
May 02, 2024
Research Description
The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to unauthorized ld+json description injection due to a missing capability check on the save_settings function in all versions up to, and including, 3.10.2. This makes it possible for unauthenticated attackers to save schema types.
Affected versions
Min -, max 3.10.3.
Status
vulnerable
Previous vulnerability researches
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2025-11163) , Oct 11, 2025
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2024-3287) , Jun 07, 2024
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2023-5949) , Jun 07, 2024
SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer (CVE-2024-6556) , Jul 11, 2024
New vulnerability
Genealogical Tree – WordPress Family Tree (CVE-2025-58023) , Oct 12, 2025
WPB Quick View Popup for WooCommerce – Display Product Informations in Popup on Button Click (CVE-2025-57967) , Oct 12, 2025
Mixtape (CVE-2025-9860) , Oct 12, 2025
Advanced Settings (CVE-2025-58996) , Oct 12, 2025
FancyTabs (CVE-2025-8560) , Oct 12, 2025