Untriaged
Permalink
CVE-2023-40680
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): HIGH
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Yoast SEO Plugin <= 21.0 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0.
References
- https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo… vdb-entry
- https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo… x_transferred vdb-entry
- https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo… vdb-entry
- https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo… x_transferred vdb-entry
Affected products
wordpress-seo
- =<21.0
Matching in nixpkgs
pkgs.wordpressPackages.plugins.wordpress-seo
None
-
nixos-unstable -
- nixpkgs-unstable 24.9