Sensitive Data Exposure Vulnerability in All In One SEO Pack by Syed Balkhi
CVE-2025-64295

Currently unrated

Key Information:

Vendor

WordPress
Status
All In One Seo Pack
Vendor
CVE Published:
18 December 2025

What is CVE-2025-64295?

The All In One SEO Pack plugin by Syed Balkhi presents a vulnerability that allows for the retrieval of sensitive information embedded within sent data. This affects versions of the plugin from inception through version 4.8.6.1. Attackers could potentially exploit this flaw to access confidential data, emphasizing the need for users to update their installations and ensure proper security measures are in place to safeguard sensitive content.

Affected Version(s)

All In One SEO Pack <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/all-...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Abu Hurayra | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64295 : Sensitive Data Exposure Vulnerability in All In One SEO Pack by Syed Balkhi