Lucene search
K

20 matches found

EUVD
EUVD
added 2026/06/17 6:35 p.m.13 views

EUVD-2026-37579

Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Yoast SEO Premium: from n/a through 26.6...

5.5CVSS5.3AI score0.00188EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-40722

Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Yoast SEO Premium: from n/a through 26.6...

5.5CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 8:40 a.m.27 views

CVE-2026-40722

CVE-2026-40722 : Missing Authorization vulnerability in Yoast SEO Premium for WordPress (plugin

5.5CVSS5.2AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 8:40 a.m.33 views

CVE-2026-40722 WordPress Yoast SEO Premium plugin <= 26.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Yoast BV Yoast SEO Premium allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Yoast SEO Premium: from n/a through 26.6...

5.5CVSS0.00188EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/18 5:11 p.m.176 views

Exploit for CVE-2024-4041

CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%...

6.1CVSS5.4AI score0.00832EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/10/04 2:0 a.m.3 views

CVE-2025-11241

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

6.4CVSS5.4AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-32218

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00303EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-32410

Malicious code in bioql PyPI...

5.3CVSS9.2AI score0.00351EPSS
Exploits0References1
NVD
NVD
added 2025/10/03 2:15 a.m.5 views

CVE-2025-11241

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

6.4CVSS0.00303EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/03 1:56 a.m.11 views

CVE-2025-11241 Yoast SEO Premium 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

6.4CVSS0.00303EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/03 1:56 a.m.2 views

CVE-2025-11241 Yoast SEO Premium 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Yoast SEO Premium plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions 25.7 to 25.9 due to a flawed regex used to remove an attribute in post content, which can be abused to inject arbitrary HTML attributes, including JavaScript event handlers. This vulnerability allo...

6.4CVSS5.1AI score0.00303EPSS
Exploits0References3
CVE
CVE
added 2025/10/03 1:56 a.m.23 views

CVE-2025-11241

The CVE CVE-2025-11241 (Yoast SEO Premium for WordPress) is a stored XSS vulnerability affecting plugin versions 25.7–25.9. It stems from a flawed regex used to strip an attribute in post content, enabling an attacker with Contributor or higher rights to inject arbitrary HTML attributes, includin...

6.4CVSS5.1AI score0.00303EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/03 12:58 a.m.7 views

WordPress Yoast SEO Premium plugin 25.7-25.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Yoast SEO Premium versions 25.7-25.9...

6.4CVSS5.5AI score0.00303EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.3 views

WordPress plugin Yoast SEO Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

6.4CVSS5.8AI score0.00303EPSS
Exploits0References3
NVD
NVD
added 2024/06/11 10:15 a.m.37 views

CVE-2023-28775

Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4...

5.3CVSS0.00351EPSS
Exploits0References1
CVE
CVE
added 2024/06/11 9:16 a.m.161 views

CVE-2023-28775

CVE-2023-28775 affects Yoast SEO Premium (WordPress plugin) up to version 20.4. The issue is Missing Authorization / Broken Access Control allowing unauthenticated actions (Zapier API key reset). Patch 20.5 fixes it. Recommend upgrading to Yoast SEO Premium 20.5 or later and validating API key co...

5.3CVSS5.3AI score0.00351EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/11 9:16 a.m.24 views

CVE-2023-28775 WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability

Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4...

5.3CVSS7.2AI score0.00351EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/11 9:16 a.m.61 views

CVE-2023-28775 WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability

Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4...

5.3CVSS0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.6 views

WordPress plugin Yoast SEO Premium security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.3CVSS6.8AI score0.00351EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/05/09 12:0 a.m.14 views

WordPress Yoast SEO Premium Plugin <= 20.4 is vulnerable to Broken Access Control

Software Yoast SEO Premium Type Plugin Vulnerable versions = 20.4 Fixed in 20.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-28775 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5c54141d1cb7 Credits Rafie Muhammad Patchstack...

5.3CVSS6.6AI score0.00351EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder