CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28775 – WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability
https://notcve.org/view.php?id=CVE-2023-28775
Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4. Vulnerabilidad de autorización faltante en Yoast Yoast SEO Premium. Este problema afecta a Yoast SEO Premium: desde n/a hasta 20.4. The Yoast SEO Premium plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in versions up to, and including, 20.4. This makes it possible for unauthenticated attackers to disconnect a Zapier API Key. • https://patchstack.com/database/vulnerability/wordpress-seo-premium/wordpress-yoast-seo-premium-plugin-20-4-unauthenticated-zapier-api-key-reset-vulnerability?_s_id=cve • CWE-862: Missing Authorization •