ThreatPress

WordPress Vulnerabilities Database

Back

WordPress SEO by Yoast Plugin <= 1.7.3 - Multiple Vulnerabilities

Product
Yoast SEO
Description
Multiple cross-site request forgery vulnerabilities exist in admin/class-bulk-editor-list-table.php. Because of these vulnerabilities, the attackers can hijack the authentication of certain users for requests that conduct SQL injection attacks.
Solution
Update the plugin.
Classification
Type Multi
References
CVE Mitre
CVE
Name CVE-2015-2293
Versions
Affected In <= 1.7.3
Fixed In 1.7.4
Disclosure date
2015-03-14