cleantalk
Vulnerabilities and Security Researches

WordLift – AI powered SEO – Schema, CVE-2022-3069

CVE, Research URL

CVE-2022-3069

Home page URL

Security reports for WordLift – AI powered SEO – Schema

Application

WordLift – AI powered SEO – Schema

Published on
Sep 26, 2022
Research Description
The WordLift WordPress plugin before 3.37.2 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Affected versions
Min -, max 3.37.2.
Status
vulnerable
Previous vulnerability researches
WordLift – AI powered SEO – Schema (CVE-2022-3069) , Jun 07, 2024
WordLift – AI powered SEO – Schema (CVE-2025-30624) , Jun 15, 2025
WordLift – AI powered SEO – Schema (CVE-2025-53582) , Aug 16, 2025
WordLift – AI powered SEO – Schema (CVE-2024-12176) , Jan 08, 2025
New vulnerability
Surbma | Recent Comments Shortcode (CVE-2025-7649) , Aug 17, 2025
Print My Blog – Print, PDF, & eBook Converter WordPress Plugin (CVE-2025-54740) , Aug 17, 2025
MDTF – Meta Data and Taxonomies Filter (CVE-2025-54707) , Aug 17, 2025
StoryChief (CVE-2025-7441) , Aug 17, 2025
Woocommerce Blocks – Woolook (CVE-2024-8393) , Aug 17, 2025