Skip to main content

Crawlwp Seo

1 CVEs product

Monthly

CVE-2026-59520 MEDIUM This Month

Cross-Site Request Forgery in the CrawlWP SEO WordPress plugin (versions through 3.0.16) allows an unauthenticated attacker to perform unauthorized state-changing actions on behalf of an authenticated site administrator. Exploitation requires social engineering - a logged-in admin must be tricked into visiting a malicious page that silently submits a forged request. The integrity impact is low, limited to unauthorized configuration changes within the plugin's functionality. No public exploit code or active exploitation has been identified at time of analysis, consistent with the vulnerability's low CVSS base score of 4.3.

CSRF Crawlwp Seo
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-Site Request Forgery in the CrawlWP SEO WordPress plugin (versions through 3.0.16) allows an unauthenticated attacker to perform unauthorized state-changing actions on behalf of an authenticated site administrator. Exploitation requires social engineering - a logged-in admin must be tricked into visiting a malicious page that silently submits a forged request. The integrity impact is low, limited to unauthorized configuration changes within the plugin's functionality. No public exploit code or active exploitation has been identified at time of analysis, consistent with the vulnerability's low CVSS base score of 4.3.

CSRF Crawlwp Seo
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy