CVE-2021-24153
N/A
N/A
Summary
A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | Yoast SEO | 3.4.1 < 3.4.1 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/77810044-394d-4314-b9a1-20c7dca726dc
- https://plugins.trac.wordpress.org/changeset/1466243/wordpress-seo
- https://packetstormsecurity.com/files/138192/
References
- https://wpscan.com/vulnerability/77810044-394d-4314-b9a1-20c7dca726dc
- https://plugins.trac.wordpress.org/changeset/1466243/wordpress-seo
- https://packetstormsecurity.com/files/138192/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.