Plugin Vulnerabilities
| 2019-07-09 | Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS | fixed in version 11.6 |
| 2018-11-20 | Yoast SEO <= 9.1 - Authenticated Race Condition | fixed in version 9.2 |
| 2017-11-15 | Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS) | fixed in version 5.8 |
| 2016-08-02 | Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scripting (XSS) | fixed in version 3.4.1 |
| 2016-06-14 | Yoast SEO <= 3.2.5 - Unspecified Cross-Site Scripting (XSS) | fixed in version 3.3.0 |
| 2016-05-06 | Yoast SEO <= 3.2.4 - Subscriber Settings Sensitive Data Exposure | fixed in version 3.2.5 |
| 2015-06-12 | Yoast SEO <= 2.1.1 - Authenticated Stored DOM XSS | fixed in version 2.2 |
| 2015-03-11 | Yoast SEO <= 1.7.3.3 - Blind SQL Injection | fixed in version 1.7.4 |
| 2014-08-01 | Yoast SEO < 1.4.7 - Reset Settings Feature Access Restriction Bypass | fixed in version 1.4.7 |
| 2014-08-01 | Yoast SEO - Security issue which allowed any user to reset settings | fixed in version 1.4.5 |
Is this your plugin?
We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.
