CVE-2021-24153

CVE-2021-24153: Yoast SEO < 3.4.1 - Authenticated Stored Cross-Site Scripting (XSS)

Vendor Unknown

Product Yoast SEO

Weakness CWE-79 · XSS

Published April 5, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A Stored Cross-Site Scripting vulnerability was discovered in the Yoast SEO WordPress plugin before 3.4.1, which had built-in blacklist filters which were blacklisting Parenthesis as well as several functions such as alert but bypasses were found.

Key dates

Disclosure timeline

April 5, 2021 CVE published

August 3, 2024 Record updated