Description
WordPress Plugin Yoast SEO is prone to an information disclosure vulnerability. Attackers can exploit this issue to disclose plugin settings and post metadata relative to focus and terms keywords. WordPress Plugin Yoast SEO version 3.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.2.5 or latest
References
https://www.wordfence.com/blog/2016/05/yoast-seo-vulnerability/
https://www.pluginvulnerabilities.com/2016/05/11/information-disclosure-vulnerability-in-yoast-seo/
Related Vulnerabilities
Joomla! Core Security Bypass (2.5.0 - 3.9.19)
LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16183)
WordPress Plugin Admin Management Xtended Privilege Escalation (2.4.0)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3553)
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577)