Home » Vulnerabilities » Code execution vulnerability in Yoast SEO 9.1.0

Latest

Code execution vulnerability in Yoast SEO 9.1.0

CVE-2018-19370

Severity: medium-risk
Status: Fixed
Publication: November 6, 2018

A security issue was discovered in the Yoast SEO plugin for WordPress before version 9.2.0. An SEO Manager could use the “”ZIP import”” feature to execute commands on the computer’s operating system

Detected in:

Yoast SEO fixed vulnerable versions: >= * <= 9.1.0

Yoast SEO – Advanced SEO with real-time guidance and built-in AI fixed vulnerable versions:

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Code execution vulnerability in Yoast SEO 9.1.0

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 not found errors

Code execution vulnerability in Yoast SEO 9.1.0

Detected in: