Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Squirrly SEO Plugin for WordPress: Unauthorized Access to Cloud Data
CVE-2025-14342
Summary
The Squirrly SEO Plugin for WordPress is affected by a security issue that allows attackers with Subscriber-level access or above to disconnect the site from Squirrly's cloud service. This could lead to data loss or disruption of website functionality. To stay safe, update to the latest version of the plugin as soon as possible.
Original title
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sq_ajax_uninstall function in all versions up to, and...
Original description
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the sq_ajax_uninstall function in all versions up to, and including, 12.4.14. This makes it possible for authenticated attackers, with Subscriber-level access and above, to disconnect the site from Squirrly's cloud service.
nvd CVSS3.1
4.3
Vulnerability type
CWE-862
Missing Authorization
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026