CVE-2024-4984 – Yoast SEO <= 22.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-4984
The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘display_name’ author meta in all versions up to, and including, 22.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://developer.yoast.com/changelog/yoast-seo/22.7 https://github.com/Yoast/wordpress-seo/pull/21334 https://plugins.trac.wordpress.org/changeset/3079234/wordpress-seo/trunk/src/presenters/slack/enhanced-data-presenter.php https://www.wordfence.com/threat-intel/vulnerabilities/id/59bcd246-ca2f-4336-9a6e-89afe873ed25?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-4041 – Yoast SEO <= 22.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-4041
The Yoast SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 22.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. El complemento Yoast SEO para WordPress es vulnerable a Cross-Site Scripting Reflejado a través de URL en todas las versiones hasta la 22.5 incluida debido a una sanitización de entrada y un escape de salida insuficientes. Esto hace posible que atacantes no autenticados inyecten scripts web arbitrarios en páginas que se ejecutan si logran engañar a un usuario para que realice una acción como hacer clic en un enlace. • https://plugins.trac.wordpress.org/browser/wordpress-seo/trunk/inc/class-wpseo-admin-bar-menu.php#L601 https://plugins.trac.wordpress.org/browser/wordpress-seo/trunk/inc/class-wpseo-shortlinker.php#L20 https://plugins.trac.wordpress.org/browser/wordpress-seo/trunk/src/helpers/short-link-helper.php#L105 https://plugins.trac.wordpress.org/browser/wordpress-seo/trunk/src/helpers/short-link-helper.php#L45 https://plugins.trac.wordpress.org/changeset/3078555/wordpress-seo/trunk#file129 https://www.wordfenc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-40680 – WordPress Yoast SEO Plugin <= 21.0 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-40680
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('Cross-site Scripting') en Team Yoast Yoast SEO permite almacenar XSS. Este problema afecta a Yoast SEO: desde n/a hasta 21.0. The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 21.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with seo manager-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo-plugin-21-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25118 – Yoast SEO 16.7-17.2 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2021-25118
The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. El plugin Yoast SEO WordPress (desde la versión 16.7 hasta la 17.2) revela la ruta interna completa de las imágenes destacadas en las entradas a través de los puntos finales REST wp/v2/posts, lo que podría ayudar a un atacante a identificar otras vulnerabilidades o ayudar durante la explotación de otras vulnerabilidades identificadas The Yoast SEO plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 17.2 via the /wp/v2/posts REST endpoints that discloses the full internal path of featured images from posts. This makes it possible for unauthenticated attackers to extract sensitive data which consists of full site path information which can be used to exploit other vulnerabilities. • https://plugins.trac.wordpress.org/changeset/2608691 https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •