Description

WordPress Plugin Remove Yoast SEO comments is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Remove Yoast SEO comments version 1.0.4 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.0.5 or latest

References

https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/

https://core.trac.wordpress.org/ticket/36809

https://wordpress.org/plugins/remove-yoast-seo-comments/changelog/

Related Vulnerabilities

PHP Numeric Errors Vulnerability (CVE-2011-1471)

WordPress Plugin Bookmarkify Multiple Vulnerabilities (2.9.2)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0129)

WebERP Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-22474)

phpMyFAQ Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Vulnerability (CVE-2023-5866)

Severity

High

Tags

Missing Update