CVE-2022-42494 LOW

CVE-2022-42494: WordPress All in One SEO Pro plugin <= 4.2.5.1 - Server Side Request Forgery (SSRF) vulnerability

Vendor Semper Plugins, Llc

Product All in One SEO Pro (WordPress plugin)

Weakness CWE-918 · SSRF

Published November 8, 2022

Last update April 28, 2026

CVSS base score

3.0/10

Attack vector Network

Attack complexity High

Privileges required High

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

Server Side Request Forgery (SSRF) vulnerability in All in One SEO Pro plugin <= 4.2.5.1 on WordPress.

Key dates

November 8, 2022 CVE published

April 28, 2026 Record updated

External resources

Related vulnerabilities

CVE CVE-2022-42494

CWE CWE-918

CVSS 3.0 / LOW

Vendor Semper Plugins, Llc

Product All in One SEO Pro (WordPress plugin)

Affected ≥ <= 4.2.5.1 and ≤ 4.2.5.1