HIGHVulnerability
Verified
Global

NVD HIGH: CVE-2026-9643 — The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cro...

·Source: NIST NVD

Updated:

Executive Summary

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUEST_URI server variable in all versions up to, and including, 4.5.18. When the plugin's `wpmsTemplateRedirect()` hook detects a 404, it concatenates `$_SERVER['HTTP_HOST']` with the raw `$_SERVER['REQUEST_URI']` and inserts that value verbatim into the `wp_wpms_links.link_url` column via `

Analysis

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUEST_URI server variable in all versions up to, and including, 4.5.18. When the plugin's `wpmsTemplateRedirect()` hook detects a 404, it concatenates `$_SERVER['HTTP_HOST']` with the raw `$_SERVER['REQUEST_URI']` and inserts that value verbatim into the `wp_wpms_links.link_url` column via `$wpdb->insert()`. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute whenever an administrator views the plugin's 404 & Redirects admin page (`/wp-admin/admin.php?page=metaseo_broken_link`). CVSS Score: 7.2. Published: 2026-06-24T07:16:30.093.

Indicators of Compromise (1)

CVE (1)
CVE-2026-9643
Source Attribution

Originally published by NIST NVD on Jun 24, 2026. Verified by: NIST.

Related Threats