Yoast SEO <= 9.1 - Authenticated Race Condition



Description
According to the changelog:

"Race Condition which leads to command execution, by users with SEO Manager roles."
Proof of Concept
According to the researcher:

"[PoC] Not available yet. Poc will be released after 1 week."

Affects Plugin

fixed in version 9.2

References

CVE 2018-19370
PACKETSTORM 150497
URL https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
URL https://www.youtube.com/watch?v=nL141dcDGCY
URL https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa

Classification

Type RCE
OWASP Top 10 A1: Injection
CWE CWE-94

Miscellaneous

Original Researcher Dimopoulos Ilias
Submitter Dimopoulos Ilias
Submitter Twitter gweeperx
Views 26563
Verified No
WPVDB ID 9150

Timeline

Publicly Published 2018-11-20 (12 months ago)
Added 2018-11-20 (12 months ago)
Last Updated 2019-11-01 (12 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin