Known Vulnerabilities for products from Yoast
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Yoast".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-24591 json | Not Provided | 2026-01-23 | 2026-04-23 | |
| CVE-2026-1217 json | Not Provided | 2026-03-18 | 2026-04-08 | |
| CVE-2024-4984 json | Not Provided | 2024-05-16 | 2026-04-08 | |
| CVE-2024-4041 json | Not Provided | 2024-05-14 | 2026-04-08 | |
| CVE-2023-40680 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.8 - MEDIUM | 2023-11-30 | 2023-12-05 |
| CVE-2023-32300 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.8 versions. | 6.1 - MEDIUM | 2023-08-23 | 2023-08-29 |
| CVE-2023-28785 json | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <= 14.9 versions. | 5.4 - MEDIUM | 2023-05-28 | 2023-06-01 |
| CVE-2023-28780 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-18 | 2023-11-30 |
| CVE-2021-36788 json | The yoast_seo (aka Yoast SEO) extension before 7.2.3 for TYPO3 allows XSS. | 5.4 - MEDIUM | 2021-08-13 | 2021-08-20 |
| CVE-2021-31779 json | The yoast_seo (aka Yoast SEO) extension before 7.2.1 for TYPO3 allows SSRF via a backend user account. | 6.4 - MEDIUM | 2021-04-28 | 2021-05-07 |
| CVE-2021-25118 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-02-28 | 2022-10-27 |
| CVE-2021-24153 json | A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in... | 5.4 - MEDIUM | 2021-04-05 | 2021-04-09 |
| CVE-2019-13478 json | The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions. | 9.8 - CRITICAL | 2019-07-09 | 2023-02-24 |
| CVE-2018-19370 json | A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugi... | 6.6 - MEDIUM | 2018-11-28 | 2019-01-31 |
| CVE-2017-20092 json | A vulnerability classified as problematic was found in Google Analytics Dashboard Plugin 2.1.1. Affected by this vulnerabilit... | 6.1 - MEDIUM | 2022-06-24 | 2022-06-30 |
| CVE-2017-16842 json | Cross-site scripting (XSS) vulnerability in admin/google_search_console/class-gsc-table.php in the Yoast SEO plugin before 5.... | 4.8 - MEDIUM | 2017-11-16 | 2017-12-03 |
| CVE-2015-2293 json | Multiple cross-site request forgery (CSRF) vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by ... | 6.8 - MEDIUM | 2015-03-17 | 2015-03-18 |
| CVE-2015-2292 json | Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before ... | 6.5 - MEDIUM | 2015-03-17 | 2016-12-03 |
| CVE-2014-9174 json | Cross-site scripting (XSS) vulnerability in the Google Analytics by Yoast (google-analytics-for-wordpress) plugin before 5.1.... | 4.3 - MEDIUM | 2014-12-02 | 2017-09-08 |
| CVE-2012-6692 json | Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPres... | 4.3 - MEDIUM | 2015-06-17 | 2016-11-28 |
Known software with vulnerabilities from Yoast
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Yoast | Wordpress Seo | 1.5.6 |
| Application | Yoast | Yoast Seo | 1.4.15 |