4 matches found
CVE-2023-28775
Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4...
CVE-2023-28775 WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability
Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4...
CVE-2023-28775
CVE-2023-28775 affects Yoast SEO Premium (WordPress plugin) up to version 20.4. The issue is Missing Authorization / Broken Access Control allowing unauthenticated actions (Zapier API key reset). Patch 20.5 fixes it. Recommend upgrading to Yoast SEO Premium 20.5 or later and validating API key co...
WordPress Yoast SEO Premium Plugin <= 20.4 is vulnerable to Broken Access Control
Software Yoast SEO Premium Type Plugin Vulnerable versions = 20.4 Fixed in 20.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-28775 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5c54141d1cb7 Credits Rafie Muhammad Patchstack...