Vulnerabilities > Yoast > Yoast SEO > 3.3.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-40680 | Cross-site Scripting vulnerability in Yoast SEO Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0. | 4.8 |
| 2023-08-23 | CVE-2023-32300 | Cross-site Scripting vulnerability in Yoast SEO Unauth. | 6.1 |
| 2023-05-28 | CVE-2023-28785 | Cross-site Scripting vulnerability in Yoast SEO Auth. | 5.4 |
| 2021-04-05 | CVE-2021-24153 | Cross-site Scripting vulnerability in Yoast SEO A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found. | 3.5 |
| 2019-07-09 | CVE-2019-13478 | Cross-site Scripting vulnerability in Yoast SEO The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly restrict unfiltered HTML in term descriptions. | 9.8 |
| 2018-11-28 | CVE-2018-19370 | Race Condition vulnerability in Yoast SEO A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import. | 6.0 |