Sensitive Data Exposure Vulnerability in All In One SEO Pack by Syed Balkhi
CVE-2025-64295

6.5MEDIUM

Key Information:

Vendor: WordPress
Status: All In One Seo Pack
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-64295?

The All In One SEO Pack plugin by Syed Balkhi presents a vulnerability that allows for the retrieval of sensitive information embedded within sent data. This affects versions of the plugin from inception through version 4.8.6.1. Attackers could potentially exploit this flaw to access confidential data, emphasizing the need for users to update their installations and ensure proper security measures are in place to safeguard sensitive content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

All In One SEO Pack <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/all-in-o...

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Oct 29, 2025

Credit

Abu Hurayra | Patchstack Bug Bounty Program

JSON

WordPress