Lucene search
K
YoastWordpress Seo

4 matches found

CVE
CVE
added 2017/11/16 3:0 a.m.248 views

CVE-2017-16842

CVE-2017-16842: A Cross-Site Scripting (XSS) vulnerability was reported in the Yoast SEO WordPress plugin at versions prior to 5.8.0, affecting the admin/google_search_console/class-gsc-table.php file. The issue allows remote attackers to inject arbitrary script/HTML, commonly via the tab paramet...

4.8CVSS5.1AI score0.01345EPSS
Web
CVE
CVE
added 2015/03/17 3:0 p.m.176 views

CVE-2015-2292

CVE-2015-2292 affects WordPress Yoast SEO Plugin versions before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4. The root cause is SQL injection in admin/class-bulk-editor-list-table.php via the wpseo_bulk-editor page, exploitable by remote authenticated users and potentially via CSRF. Impact ...

6.5CVSS8.4AI score0.05785EPSS
Web
CVE
CVE
added 2015/06/17 6:0 p.m.73 views

CVE-2012-6692

CVE-2012-6692 affects WordPress SEO by Yoast plugin for WordPress, prior to version 2.2. The XSS exists in the snippet preview functionality via the post_title parameter to wp-admin/post-new.php, due to inadequate handling in js/wp-seo-metabox.js. A remote attacker could inject arbitrary script/H...

4.3CVSS6AI score0.03206EPSS
Web
CVE
CVE
added 2015/03/17 3:0 p.m.70 views

CVE-2015-2293

CVE-2015-2293 describes multiple CSRF vulnerabilities in the WordPress SEO by Yoast plugin for WordPress, enabling remote attackers to hijack user authentication and trigger SQL injection via the wpseo_bulk-editor page (parameters: order_by and order). Affected plugin versions: before 1.5.7, 1.6....

6.8CVSS8.4AI score0.01521EPSS
Web