CVE-2026-11370 | joomunited WP Meta SEO Plugin up to 4.5.18 on WordPress Outbound Requests new_link server-side request forgery

Inserito da Angelo Barbosa | Giu 24, 2026 | CVE

A vulnerability, which was classified as critical, was found in joomunited WP Meta SEO Plugin up to 4.5.18 on WordPress. Affected is an unknown function of the component Outbound Requests Handler. Such manipulation of the argument new_link leads to server-side request forgery.

This vulnerability is referenced as CVE-2026-11370. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.

CVE-2026-11370 | joomunited WP Meta SEO Plugin up to 4.5.18 on WordPress Outbound Requests new_link server-side request forgery

Post correlati

CVE-2024-3885 | Premium Addons for Elementor Plugin up to 4.10.28 on WordPress cross site scripting

CVE-2024-4304 | GT3 Soluciones SWAL 2.0 Titular cross site scripting

CVE-2024-3925 | bdthemes Element Pack Elementor Addons Plugin up to 5.6.7 on WordPress cross site scripting

CVE-2026-11466 | zilliztech deep-searcher up to 0.0.2 collection_router.py CollectionRouter.invoke kwargs access control (Issue 267)