CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 12 hours ago•6 views

CVE-2026-40722

CVE-2026-40722 : Missing Authorization vulnerability in Yoast SEO Premium for WordPress (plugin

5.5CVSS5.2AI score

Cvelist•added 12 hours ago•3 views

CVE-2026-40722 WordPress Yoast SEO Premium plugin <= 26.6 - Broken Access Control vulnerability

5.5CVSS

RedhatCVE•added 2026/06/05 7:42 p.m.•6 views

CVE-2025-14481

The Yoast SEO plugin for WordPress is vulnerable to Insecure Direct Object References in all versions up to, and including, 26.5. This is due to insufficient authorization checks in the Meta Search REST API endpoint that fail to verify post ownership. This makes it possible for authenticated...

4.3CVSS5.4AI score0.00211EPSS

NVD•added 2026/05/27 5:16 a.m.•10 views

CVE-2025-14481

4.3CVSS0.00211EPSS

ATTACKERKB•added 2026/05/27 4:28 a.m.•5 views

CVE-2025-14481

4.3CVSS5.7AI score0.00211EPSS

EUVD•added 2026/05/27 4:28 a.m.•7 views

EUVD-2025-209950

4.3CVSS5.7AI score0.00211EPSS

Cvelist•added 2026/05/27 4:28 a.m.•30 views

CVE-2025-14481 Yoast SEO <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via 'post_id' Parameter

4.3CVSS0.00211EPSS

CNNVD•added 2026/05/27 12:0 a.m.•15 views

WordPress plugin Yoast SEO 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.9AI score0.00211EPSS

Patchstack•added 2026/05/26 3:59 p.m.•6 views

WordPress Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by NumeX in WordPress Plugin Yoast SEO versions = 26.5...

4.3CVSS5.8AI score0.00211EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/03/23 8:10 p.m.•5 views

WordPress Yoast SEO plugin <= 27.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'jsonText' Block Attribute vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Yoast SEO versions = 27.1.1...

6.4CVSS5.8AI score0.00193EPSS

Exploits0References1Affected Software1

EUVD•added 2026/03/22 6:30 a.m.•4 views

EUVD-2026-14273

The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the jsonText block attribute in all versions up to, and including, 27.1.1 due to insufficient input sanitization and output escaping. This makes it possib...

Vulnrichment•added 2026/03/22 3:26 a.m.•3 views

CVE-2026-3427 Yoast SEO <= 27.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute

Cvelist•added 2026/03/22 3:26 a.m.•32 views

CVE-2026-3427 Yoast SEO <= 27.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'jsonText' Block Attribute

6.4CVSS0.00193EPSS

ATTACKERKB•added 2026/03/22 3:26 a.m.•2 views

CVE-2026-3427

CVE•added 2026/03/22 3:26 a.m.•50 views

CVE-2026-3427

The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is affected by CVE-2026-3427: Stored Cross-Site Scripting via the jsonText block attribute in all versions up to 27.1.1. The vulnerability stems from insufficient input sanitization and output escaping. With...

Positive Technologies•added 2026/03/22 12:0 a.m.•4 views

PT-2026-26964

CNNVD•added 2026/03/22 12:0 a.m.•3 views

WordPress plugin Yoast SEO 跨站脚本漏洞

6.4CVSS5.7AI score0.00193EPSS