Headline

CVE-2022-36404: Simple SEO

Auth. (subscriber+) Broken Access Control vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemap.

2 years ago

CVE

Open in Source

#vulnerability #web #ios #google #wordpress #perl #oauth #auth

Details
Reviews
Installation
Support
Development
Nonce Security!
Generates META tags automatically.
Works out-of-the-box. Just install!
You can override any title and set any META description and any META keywords you want!
Google Analytic 4!
Google Webmaster Tools!
Bing verification & Yandex verification!
Twitter and Facebook customization!
Quickedit SEO titles and descriptions!
Import Yoast SEO data!
Import Rank Math SEO data!
Import All In One SEO data!
Supports custom post types!

Upload the plugin files to the /wp-content/plugins/cds-simple-seo directory, or install the plugin through the WordPress plugins screen directly.
Activate the plugin through the ‘Plugins’ screen in WordPress.
Use the Settings -> Simple SEO screen to configure the sitemap, the META info for the homepage, Google webmaster tools, Google analytic, etc.

If upgrading, please back up your database first!

Please email [email protected] with any questions.

Q: How does front page title and description work.

A: The default title and description will be used under settings. If the front page, or blog page are used, then those pages meta information will be used.

Keep it up Mr. Cole. Simplicity in chaos is the correct path.

As feedback, We are not pleased with the way the plugin is set, but also with the support provided to properly configuring it. This made us simply unistalled it. Perhaps you guys may need to include more people to help you with this area, while having videos, screenshots and all the information available to configure the plugin easy and efficiently, but also providing a lean and clean way to unistall it if the case arises. At the end all is about service quality and customer experience.

JUST AWESOME & simple. please add redirect url. complete!

Finally after searching through SEO plugins all day I came across this one. Does exactly what I wanted, nothing superfluous. Excellent!

Great SEO plug-in! Puts the control back to the user without all the smoke and mirrors of Yoast, AIOSEO, et. al. Study your SEO manual, install this WordPress plug-in, and you’re set.

Finally, a simple plugin just to add custom keyword and meta description like the old days.

Read all 14 reviews

“Simple SEO” is open source software. The following people have contributed to this plugin.

Contributors

David Cole

1.1.0

Added Google webmaster tools and analytic

1.2.0

Release Date: August 11th, 2017

Enhancements
- Added Robot NOINDEX and NOFOLLOW
- Added a preview sections for how the meta information should show on a search engine page.
- Added pre_get_document_title for compatibility
Bugfixes
- Fixes a typo in the readme.txt :-p

1.2.1

Release Date: August 24th, 2017

Bugfixes
- Google Verification fixed/updated.

1.2.2

Release Date: August 30th, 2017

Bugfixes
- Fixed title, description, etc from showing a empty result () if it’s not specified.
- Added some simple code to generate default metadata if none is specified.

1.2.3

Enhancements
- Added settings link to plugin page.
- Updated the GA script/code.
- Various minor changes for future updates.

1.3.0

Release Date: April 17th, 2018

Enchancments
- Complete overhaul of Simple SEO presentation when editing pages, posts, etc.
- Lots of code optimization.
Random
- Updated the license to: GPLv3

1.3.1

Release Date: May 21st, 2018

Bugfixes
- Fixed a bug which prevented the keywords and description from showing. Thank you Aletta!

1.3.2

Release Date: May 28th, 2018

Bugfixes
- Fixed a bug which displayed Google Analytic even if a code was not added. Thank you Mahendra!

1.3.3

Release Date: June 21th, 2018

Enchancments
- Added meta title and meta description input fields to quick edit and bulk edit.
- Added meta titles and meta description to index; where applicable

1.3.4

Release Date: July 5th, 2018

Bugfixes
- Quick edit fix.

1.4.0

Release Date: May 19th, 2019

Enchancments
- Facebook
- Twitter
- Bing Verification
- Baidu Verification
- Yandex Verification

1.4.1

Release Date: May 22nd, 2019

Bugfix
- WooCommerce compadability – Thank you Andrew.

1.4.2

Release Date: May 23rd, 2019

Bugfix
- WooCommerce compadability – Thank you Andrew.

1.4.3

Release Date: June 13th, 2019

Enchancments
- Added quick edit for posts
- Added the option to import Yoast SEO data into Simple SEO. This can be found under Settings -> Simple SEO at the bottom of the page.

1.4.4

Release Date: June 13th, 2019

Enchancments
- Added post_name to the columns options

1.4.5

Release Date: June 13th, 2019

Enchancments
- Added taxonomy support
- Including WooCommerce taxonomy support!

1.4.6

Release Date: June 13th, 2019

Bugfix
- Taxonomy fix.

1.4.8

Release Date: June 14th, 2019

Bugfix
- WooCommerce compadability issue for those not running woocommerce. Fixed.

1.4.9

Release Date: June 14th, 2019

Bugfix
- d2.roth posted a bug with contact form 7. Fixed.

1.5

Release Date: Feb 27th, 2020

Enchancments
- Quickedit for custom post types
- Column sorting

1.5.1

Release Date: June 16th, 2020

Bugfix
- Fix an issues where the default meta data was not showing on the static post front page.

1.5.2

Release Date: October 12th, 2020

Bugfix
- WooCommerce CSS updates.

1.5.3

Release Date: October 14th, 2020

Bugfix
- WooCommerce updates.

1.5.6

Release Date: December 4th, 2020

Update
- Minor updates to code.

1.6

Release Date: December 7th, 2020

Update
- Added sitemap generation.

1.6.1

Release Date: December 7th, 2020

Update
- added htmlspecialchars() to url for sitemap.

1.6.2

Release Date: December 8th, 2020

Update
- updated the date format in sitemap.

1.6.4

Release Date: December 9th, 2020

Update
- Disabled sitemap generation on admin_init
- Removed noindex, nofollow pages (Simple SEO) from sitemap
- Added more translation features/options (more coming soon.)
- Added action for transition_post_status to update sitemap, if sitemap generation is enabled.

1.6.5

Release Date: December 9th, 2020

Bugfix
- Modified the transition_post_status

1.6.6

Release Date: Jan 1st, 2021

Update
- Added some more translation capabiltiies
- Added the abilty to import infor from All in One SEO and Rank Math. Enjoy!

1.6.7

Release Date: Jan 1st, 2021

Update
- Corrected some typos.

1.6.8

Release Date: March 3rd, 2021

Update
- Corrected some typos.

1.6.9

Release Date: July 19th, 2021

Update
- WordPress 5.8.
- Blog page title shows if using a static page
- Some other minor fixes.
- Added supportt for Google Analytic 4

1.7

Release Date: August 11th, 2021

Bugfix
- Fixed homepage title bug for static page.
- Fixed keywords being erased when using quickedit.

1.7.1

Release Date: October 19th, 2021

New Feature
- Added canonical urls.

1.7.2

Release Date: Jan 20th, 2022

Bugfix
- Taxonomy code updates and meta title fixes provides by Daniel Roth. Thanks Daniel!

1.7.3

Release Date: March 6th, 2022

Bugfix
- Search title update. Thanks Daniel Roth!

1.7.4

Release Date: March 6th, 2022

Bugfix
- og and twitter title update.

1.7.5

Release Date: March 14th, 2022

Bugfix
- Category forwardslash issue fix. Thanks Daniel Roth!

1.7.7

Release Date: May 8th, 2022

Update for WP 6.0

1.7.8

Release Date: June 20th, 2022

Archive pages titles, descriptions, og data fixed!
Sitemaps fixed; for now it will only show pages and posts. Recommend using WordPress built in Sitemap as this sitemap feature will be removed in the future.

1.7.9

Release Date: July 10th, 2022