RSS   Vulnerabilities for 'Yoast seo'   RSS

2022-02-28
 
CVE-2021-25118

CWE-200
 

 
The Yoast SEO WordPress plugin before 17.3 discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.

 
2021-08-13
 
CVE-2021-36788

CWE-79
 

 
The yoast_seo (aka Yoast SEO) extension before 7.2.3 for TYPO3 allows XSS.

 
2021-04-05
 
CVE-2021-24153

CWE-79
 

 
A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.

 
2019-07-09
 
CVE-2019-13478

CWE-20
 

 
The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions.

 
2018-11-28
 
CVE-2018-19370

CWE-362
 

 
A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.

 

 >>> Vendor: Yoast 4 Products
Google analytics
Wordpress seo
Yoast seo
Google analytics dashboard


Copyright 2022, cxsecurity.com

 

Back to Top