Description

WordPress Plugin Remove Yoast SEO comments is prone to an unspecified vulnerability. No available information exists regarding this issue and it's impact on a vulnerable website. WordPress Plugin Remove Yoast SEO comments version 1.0.4 is vulnerable; prior versions may also be affected.

Remediation

Update to plugin version 1.0.5 or latest

References

https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/

https://core.trac.wordpress.org/ticket/36809

https://wordpress.org/plugins/remove-yoast-seo-comments/changelog/

Related Vulnerabilities

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)

Elgg Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3733)

Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379)

Envoy Proxy Reachable Assertion Vulnerability (CVE-2021-29258)

WordPress for Google Maps-WP MAPS Cross-Site Scripting (4.0.3)

Severity

High

Tags

Missing Update