PT-2023-21960 · Yoast · Yoast Seo
Rafie Muhammad
·
Published
2023-05-28
·
Updated
2023-06-01
·
CVE-2023-28785
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Yoast SEO: Local plugin versions prior to 14.9
Description
A Stored Cross-Site Scripting (XSS) vulnerability exists, allowing contributors or higher-privileged users to inject malicious scripts.
Recommendations
For versions prior to 14.9, update to version 14.9 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yoast Seo