3 matches found
CVE-2015-2292
CVE-2015-2292 affects WordPress Yoast SEO Plugin versions before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4. The root cause is SQL injection in admin/class-bulk-editor-list-table.php via the wpseo_bulk-editor page, exploitable by remote authenticated users and potentially via CSRF. Impact ...
KLA10481 Multiple vulnerabilities in WordPress SEO plugin
Multiple CSRF and SQL injection vulnerabilities were found in WordPress SEO plugin. These vulnerabilities can be exploited remotely via vectors related to wpseobulk-editor page. Original advisories Plugin changelog Exploitation Public exploits exist for this vulnerability. Related products...
WordPress SEO by Yoast Plugin SQL Injection (CVE-2015-2292)
An SQL injection vulnerability has been reported in WordPress SEO by Yoast Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...