9 matches found
WordPress Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure vulnerability
Insecure Direct Object Reference to Authenticated Contributor+ Sensitive Information Exposure vulnerability discovered by NumeX in WordPress Plugin Yoast SEO versions = 26.5...
WordPress Yoast SEO Plugin < 2.1 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yoast:yoastseo"; if description...
WordPress Yoast SEO Plugin < 3.4.1 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yoast:yoastseo"; if description...
WordPress Yoast SEO Plugin <= 22.6 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO Type Plugin Vulnerable versions = 22.6 Fixed in 22.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4984 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 21bb7363bcf7 Credits rob006 Required privilege...
WordPress Yoast SEO Plugin <= 21.0 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO Type Plugin Vulnerable versions = 21.0 Fixed in 21.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-40680 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID c49205f84c75 Credits Rafie Muhammad Patchstack Required...
WordPress Yoast SEO: Local Plugin <= 14.9 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO: Local Type Plugin Vulnerable versions = 14.9 Fixed in 15.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28785 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24eda6213577 Credits Rafie Muhammad Patchstac...
WordPress Yoast SEO Premium Plugin <= 20.4 is vulnerable to Broken Access Control
Software Yoast SEO Premium Type Plugin Vulnerable versions = 20.4 Fixed in 20.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-28775 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5c54141d1cb7 Credits Rafie Muhammad Patchstack...
WordPress Yoast SEO: Local Plugin <= 14.8 is vulnerable to Cross Site Scripting (XSS)
Software Yoast SEO: Local Type Plugin Vulnerable versions = 14.8 Fixed in 14.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32300 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28e5acd1438d Credits Rafie Muhammad...
WordPress Yoast SEO Plugin < 5.8.0 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112127";...