VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 4 known issues Latest disclosed Dec 11, 2024

Schema App Structured Data Vulnerabilities

Review known vulnerability records for the WordPress plugin Schema App Structured Data (`schema-app-structured-data-for-schemaorg`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2024-11279, CVE-2024-0892 and CVE-2024-0893, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
4
High or Critical
0
Patch Coverage
100%
Last Updated
Dec 21, 2024
Priority CVE Quick Links

Fast paths into Schema App Structured Data CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
4
CVE-2024-11279 Medium 2.2.5
CVE-2024-11279 Schema App Structured Data Cross-Site Scripting

Schema App Structured Data <= 2.2.4 - Reflected Cross-Site Scripting

CVE-2023-44258 Medium 1.22.4
CVE-2023-44258 Schema App Structured Data Vulnerability

Schema App Structured Data <= 1.22.3 - Missing Authorization via page_init

CVE-2024-0892 Medium 2.2.1
CVE-2024-0892 Schema App Structured Data Cross-Site Request Forgery

Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery

CVE-2024-0893 Medium 2.2.1
CVE-2024-0893 Schema App Structured Data Vulnerability

Schema App Structured Data <= 2.2.0 - Missing Authorization

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Schema App Structured Data so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
4 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 0 high severity findings.
Recent CVEs
CVE-2024-11279, CVE-2024-0892 and CVE-2024-0893
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for Schema App Structured Data

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2024-11279
CVE-2024-11279: Schema App Structured Data <= 2.2.4 - Reflected Cross-Site Scripting

The Schema App Structured Data plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.2.4. This makes it possible for unauthenticated attackers to inject...

Published
Dec 11, 2024
Patched Release
2.2.5
Affected Versions
Versions up to 2.2.4
Next Step
Update to 2.2.5 or newer if supported.
Open CVE-2024-11279 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-0892
CVE-2024-0892: Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery

The Schema App Structured Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the MarkUpdate function. This makes it possible for unauthenticated attackers to up...

Published
Jun 13, 2024
Patched Release
2.2.1
Affected Versions
Versions up to 2.2.0
Next Step
Update to 2.2.1 or newer if supported.
Open CVE-2024-0892 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-0893
CVE-2024-0893: Schema App Structured Data <= 2.2.0 - Missing Authorization

The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the MarkupUpdate function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with subscriber a...

Published
May 23, 2024
Patched Release
2.2.1
Affected Versions
Versions up to 2.2.0
Next Step
Update to 2.2.1 or newer if supported.
Open CVE-2024-0893 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2023-44258
CVE-2023-44258: Schema App Structured Data <= 1.22.3 - Missing Authorization via page_init

The Schema App Structured Data plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the page_init function in versions up to, and including, 1.22.3. This makes it possible for unauthenticated attackers to delete the plugin's transie...

Published
Sep 27, 2023
Patched Release
1.22.4
Affected Versions
Versions up to 1.22.3
Next Step
Update to 1.22.4 or newer if supported.
Open CVE-2023-44258 Report Open CVE Reference