2 matches found
CVE-2015-2293
CVE-2015-2293 describes multiple CSRF vulnerabilities in the WordPress SEO by Yoast plugin for WordPress, enabling remote attackers to hijack user authentication and trigger SQL injection via the wpseo_bulk-editor page (parameters: order_by and order). Affected plugin versions: before 1.5.7, 1.6....
KLA10481 Multiple vulnerabilities in WordPress SEO plugin
Multiple CSRF and SQL injection vulnerabilities were found in WordPress SEO plugin. These vulnerabilities can be exploited remotely via vectors related to wpseobulk-editor page. Original advisories Plugin changelog Exploitation Public exploits exist for this vulnerability. Related products...