Lucene search
+L

336 matches found

OpenVAS
OpenVAS
added 2019/02/18 12:0 a.m.118 views

WordPress Yoast SEO Plugin < 9.2.0 Race Condition Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112515";...

6.6CVSS6.5AI score0.03205EPSS
Exploits1References2
Patchstack
Patchstack
added 2018/12/13 12:0 a.m.12 views

WordPress <= 5.0 - User Activation Screen Search Engine Indexing

User Activation Screen Search Engine Indexing found by Yoast in WordPress versions = 5.0. Solution Update WordPress to the latest available version at least 5.0.1...

2.4AI score
Exploits0References1Affected Software1
Veracode
Veracode
added 2018/11/30 4:51 a.m.24 views

Remote Code Execution (RCE)

yoast/wordpress-seo is vulnerable to remote code execution. An SEO Manager is able to execute arbitrary OS commands via a ZIP import through a race condition vulnerability in unzipfile in admin/import/class-import-settings.php...

6.6CVSS7.4AI score0.03205EPSS
Exploits1References5Affected Software1
CNVD
CNVD
added 2018/11/29 12:0 a.m.5 views

WordPress Yoast SEO Plugin Competitive Conditions Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site. Yoast SEO wordpress-seo plugin is used in one of the search engine optimization plugin. A competitive conditio...

6.6CVSS7AI score0.03205EPSS
Exploits1References1
Prion
Prion
added 2018/11/28 10:29 p.m.28 views

Race condition

A Race condition vulnerability in unzipfile in admin/import/class-import-settings.php in the Yoast SEO wordpress-seo plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import...

6CVSS6.6AI score0.03205EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2018/11/28 10:29 p.m.7 views

CVE-2018-19370

A Race condition vulnerability in unzipfile in admin/import/class-import-settings.php in the Yoast SEO wordpress-seo plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import...

6.6CVSS5.9AI score0.03205EPSS
Exploits1References3
NVD
NVD
added 2018/11/28 10:29 p.m.22 views

CVE-2018-19370

A Race condition vulnerability in unzipfile in admin/import/class-import-settings.php in the Yoast SEO wordpress-seo plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import...

6.6CVSS6.6AI score0.03205EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/11/28 10:0 p.m.24 views

CVE-2018-19370

A Race condition vulnerability in unzipfile in admin/import/class-import-settings.php in the Yoast SEO wordpress-seo plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import...

6.6AI score0.03205EPSS
Exploits1References3
CVE
CVE
added 2018/11/28 10:0 p.m.116 views

CVE-2018-19370

The CVE-2018-19370 entry concerns Yoast SEO (wordpress-seo) plugin for WordPress, specifically versions before 9.2.0. A race-condition in unzip_file (admin/import/class-import-settings.php) allows an SEO Manager to execute OS commands via a ZIP import. Public sources in the connected documents co...

6.6CVSS6.5AI score0.03205EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2018/11/20 12:0 a.m.9 views

WordPress Yoast SEO plugin <= 9.1.0 - Authenticated Command Execution vulnerability

Authenticated Command Execution vulnerability found by Dimopoulos Elias in WordPress Yoast SEO plugin versions = 9.1. Solution Update the WordPress Yoast SEO plugin to the latest available version at least 9.2.0...

5.2AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2017/11/22 12:0 a.m.72 views

WordPress Yoast SEO Cross Site Scripting

Discoverer: Elias Dimopoulos Linkedin: https://gr.linkedin.com/in/dimopouloselias Vulnerability: Reflected XSS Affected plugin: Yoast SEO plugin alertwindow.location!-- The victim has to have a valid profile under http://victim/wp-admin/admin.php?page=wpseosearchconsole&tab=settings example:...

5.2AI score0.01345EPSS
Exploits3
0day.today
0day.today
added 2017/11/22 12:0 a.m.313 views

WordPress Yoast SEO Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Discoverer: Elias Dimopoulos Linkedin: https://gr.linkedin.com/in/dimopouloselias Vulnerability: Reflected XSS Affected plugin: Yoast SEO plugin alertwindow.location!-- The victim has to have a valid profile under...

7.1AI score0.01345EPSS
Exploits3
CNVD
CNVD
added 2017/11/21 12:0 a.m.12 views

WordPress Yoast SEO Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.Yoast SEO plugin is one of the search engine optimization plugin. A cross-site scripting vulnerability exists in th...

4.8CVSS6AI score0.01345EPSS
Exploits3References1
Patchstack
Patchstack
added 2017/11/20 12:0 a.m.10 views

WordPress Yoast SEO plugin <=5.7.1 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found in WordPress Yoast SEO plugin versions =5.7.1. Vulnerability found in "admin/googlesearchconsole/class-gsc-table.php" of the WordPress Yoast SEO plugin versions before version 5.8.0, and it allows remote attackers to inject arbitrary we...

1.3AI score
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2017/11/17 12:0 a.m.63 views

WordPress Yoast SEO Plugin < 5.8.0 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112127";...

4.8CVSS5.1AI score0.01345EPSS
Exploits3References2
OSV
OSV
added 2017/11/16 3:29 a.m.4 views

CVE-2017-16842

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

4.8CVSS5.9AI score0.01345EPSS
Exploits3References3
Prion
Prion
added 2017/11/16 3:29 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

3.5CVSS5.1AI score0.01345EPSS
Exploits3References3Affected Software1
NVD
NVD
added 2017/11/16 3:29 a.m.26 views

CVE-2017-16842

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

4.8CVSS5.1AI score0.01345EPSS
Exploits3References3
Cvelist
Cvelist
added 2017/11/16 3:0 a.m.29 views

CVE-2017-16842

Cross-site scripting XSS vulnerability in admin/googlesearchconsole/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML...

5.1AI score0.01345EPSS
Exploits3References3
CVE
CVE
added 2017/11/16 3:0 a.m.251 views

CVE-2017-16842

CVE-2017-16842: A Cross-Site Scripting (XSS) vulnerability was reported in the Yoast SEO WordPress plugin at versions prior to 5.8.0, affecting the admin/google_search_console/class-gsc-table.php file. The issue allows remote attackers to inject arbitrary script/HTML, commonly via the tab paramet...

4.8CVSS5.1AI score0.01345EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder