9 matches found
CVE-2026-1293
The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the yoast-schema block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it...
CVE-2026-1293
The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the yoast-schema block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it...
CVE-2026-1293 Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-schema' Block Attribute
The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the yoast-schema block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it...
CVE-2026-1293 Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-schema' Block Attribute
The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the yoast-schema block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it...
EUVD-2026-5687
The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the yoast-schema block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it...
CVE-2026-1293
CVE-2026-1293 affects the WordPress Yoast SEO plugin (versions prior to 26.9, i.e., up to 26.8) with a Stored Cross‑Site Scripting vulnerability in the yoast-schema block attribute. The root cause is insufficient input sanitization and output escaping, enabling authenticated attackers with Contri...
WordPress Yoast SEO plugin <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-schema' Block Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'yoast-schema' Block Attribute vulnerability discovered by dragonzenai - AhnLab in WordPress Plugin Yoast SEO versions = 26.8...
PT-2026-6718
Name of the Vulnerable Software and Affected Versions Yoast SEO versions prior to 26.9 Description The Yoast SEO plugin for WordPress is affected by a Stored Cross-Site Scripting issue. Insufficient input sanitization and output escaping in the yoast-schema block attribute allows authenticated...
WordPress plugin Yoast SEO 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...