|2019-07-09||Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS||fixed in version 11.6|
|2018-11-20||Yoast SEO <= 9.1 - Authenticated Race Condition||fixed in version 9.2|
|2017-11-15||Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS)||fixed in version 5.8|
|2016-08-02||Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS)||fixed in version 3.4.1|
|2016-06-14||Yoast SEO <= 3.2.5 - Unspecified Cross-Site Scripting (XSS)||fixed in version 3.3.0|
|2016-05-06||Yoast SEO <= 3.2.4 - Subscriber Settings Sensitive Data Exposure||fixed in version 3.2.5|
|2015-06-12||Yoast SEO <= 2.1.1 - Authenticated Stored DOM XSS||fixed in version 2.2|
|2015-03-11||Yoast SEO <= 184.108.40.206 - Blind SQL Injection||fixed in version 1.7.4|
|2014-08-01||Yoast SEO < 1.4.7 - Reset Settings Feature Access Restriction Bypass||fixed in version 1.4.7|
|2014-08-01||Yoast SEO - Security issue which allowed any user to reset settings||fixed in version 1.4.5|
Is this your plugin?
We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.