cleantalk
Vulnerabilities and Security Researches

WordLift – AI powered SEO – Schema, CVE-2022-3069

CVE, Research URL

CVE-2022-3069

Home page URL

Security reports for WordLift – AI powered SEO – Schema

Application

WordLift – AI powered SEO – Schema

Published on
Sep 26, 2022
Research Description
The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Affected versions
Min -, max 3.37.2.
Status
vulnerable
Previous vulnerability researches
WordLift – AI powered SEO – Schema (CVE-2022-3069) , Jun 07, 2024
WordLift – AI powered SEO – Schema (CVE-2025-30624) , Jun 15, 2025
WordLift – AI powered SEO – Schema (CVE-2024-12176) , Jan 08, 2025
New vulnerability
Ebook Store (CVE-2025-49862) , Jun 19, 2025
Arconix Shortcodes (CVE-2025-49858) , Jun 19, 2025
Responsive Starter Templates – Elementor & WordPress Templates (CVE-2025-49856) , Jun 19, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-47452) , Jun 19, 2025
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2025-49872) , Jun 19, 2025