Yoast

Yoast Seo

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2021-25118

Exploit
  • EPSS 5.79%
  • Veröffentlicht 28.02.2022 09:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:23

The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation...

5.4

CVE-2021-36788

  • EPSS 0.47%
  • Veröffentlicht 13.08.2021 17:15:16
  • Zuletzt bearbeitet 21.11.2024 06:14:06

The yoast_seo (aka Yoast SEO) extension before 7.2.3 for TYPO3 allows XSS.

6.4

CVE-2021-31779

  • EPSS 0.47%
  • Veröffentlicht 28.04.2021 07:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:12

The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account.

5.4

CVE-2021-24153

Exploit
  • EPSS 1.12%
  • Veröffentlicht 05.04.2021 19:15:14
  • Zuletzt bearbeitet 21.11.2024 05:52:28

A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.

9.8

CVE-2019-13478

  • EPSS 3.3%
  • Veröffentlicht 09.07.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:24:59

The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions.

6.6

CVE-2018-19370

Exploit
  • EPSS 3.21%
  • Veröffentlicht 28.11.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:57:49

A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.