) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:yoast:wordpress_seo:2.1.1:*:*:*:*:wordpress:*:*
- CPE Name Search: true
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-16842 |
Cross-site scripting (XSS) vulnerability in admin/google_search_console/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows remote attackers to inject arbitrary web script or HTML. Published: November 15, 2017; 10:29:00 PM -0500 |
V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
| CVE-2012-6692 |
Cross-site scripting (XSS) vulnerability in js/wp-seo-metabox.js in the WordPress SEO by Yoast plugin before 2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the post_title parameter to wp-admin/post-new.php, which is not properly handled in the snippet preview functionality. Published: June 17, 2015; 2:59:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |