Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
yoast yoast seo vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-13478
The Yoast SEO plugin prior to 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions.
Yoast Yoast Seo 11.6
Yoast Yoast Seo
8.8
CVSSv3
CVE-2023-28780
Cross-Site Request Forgery (CSRF) vulnerability in Yoast Yoast Local Premium.This issue affects Yoast Local Premium: from n/a up to and including 14.8.
Yoast Yoast Local Seo
6.6
CVSSv3
CVE-2018-19370
A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin prior to 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.
Yoast Yoast Seo
6.4
CVSSv3
CVE-2024-4984
The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘display_name’ author meta in all versions up to, and including, 22.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
6.4
CVSSv3
CVE-2021-31779
The yoast_seo (aka Yoast SEO) extension prior to 7.2.1 for TYPO3 allows SSRF via a backend user account.
Yoast Yoast Seo
6.1
CVSSv3
CVE-2024-4041
The Yoast SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 22.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious users to inject arbitrary web sc...
6.1
CVSSv3
CVE-2023-32300
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.8 versions.
Yoast Yoast Seo
5.4
CVSSv3
CVE-2023-28785
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.9 versions.
Yoast Yoast Seo
5.4
CVSSv3
CVE-2021-36788
The yoast_seo (aka Yoast SEO) extension prior to 7.2.3 for TYPO3 allows XSS.
Yoast Yoast Seo
5.4
CVSSv3
CVE-2021-24153
A Stored Cross-Site Scripting vulnerability exists in the Yoast SEO WordPress plugin prior to 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.
Yoast Yoast Seo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »