Yoast SEO Plugin XSS Flaw Exposing 5+ Million WordPress Websites


A critical cross-site scripting (XSS) vulnerability has been discovered in the popular Yoast SEO WordPress plugin, potentially putting more than 5 million websites at risk of compromise.

The flaw was found by security researcher Bassem Essam and reported through the Wordfence Bug Bounty program.

A reflected XSS vulnerability exists in all versions of Yoast SEO up to and including 22.5, due to insufficient input sanitization and output escaping.


The flaw allows unauthenticated attackers to have arbitrary web script reflected into a WordPress page via a plugin URL parameter. When an administrator visits the crafted URL, the injected script executes in the administrator's browser session, with that user's privileges.

Successful exploitation could allow attackers to create rogue administrator accounts, inject backdoors into theme and plugin files, redirect visitors to malicious sites, and take complete control of the vulnerable WordPress site.

The attack requires tricking an administrator into clicking a malicious link. Yoast has released a patched version, 22.6, to fix the security hole.
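The pattern described above, reconstructed as an added example. This is not Yoast SEO's code: the menu page, the `tab` query parameter and the `my_seo_*` function names are hypothetical, and the snippet assumes it is loaded as a plugin inside WordPress (it uses the WordPress escaping API). It shows an admin page that reflects a query parameter without escaping, beside the hardened version of the same page.

```php
<?php
/**
 * Added example (not Yoast SEO code): a reflected-XSS pattern in a WordPress
 * admin page and its fix. All names below are hypothetical.
 */

add_action( 'admin_menu', function () {
    // Only administrators can load this page, but that does not prevent
    // reflected XSS: the victim *is* the administrator who opens the link.
    add_management_page(
        'My SEO Tools', 'My SEO Tools', 'manage_options',
        'my-seo-tools', 'my_seo_tools_page'
    );
} );

// VULNERABLE (shown for contrast, never registered as a callback):
// the "tab" parameter goes straight into HTML text and into an attribute.
// An attacker can send an administrator a link such as
//   /wp-admin/tools.php?page=my-seo-tools&tab=%22%3E%3Cscript%3E...%3C%2Fscript%3E
// and the script runs in the administrator's session.
function my_seo_tools_page_vulnerable() {
    $tab = isset( $_GET['tab'] ) ? wp_unslash( $_GET['tab'] ) : 'general';
    echo '<h1>Settings: ' . $tab . '</h1>';
    echo '<a href="?page=my-seo-tools&tab=' . $tab . '">Reload</a>';
}

// HARDENED: sanitize on input, allow-list the value, and escape for each
// output context (HTML text vs. URL attribute).
function my_seo_tools_page() {
    $allowed = array( 'general', 'advanced' );

    // sanitize_key() keeps only [a-z0-9_-]; anything else becomes unusable as a payload.
    $tab = isset( $_GET['tab'] ) ? sanitize_key( wp_unslash( $_GET['tab'] ) ) : 'general';

    // Allow-listing means the reflected value can only ever be one of our own strings.
    if ( ! in_array( $tab, $allowed, true ) ) {
        $tab = 'general';
    }

    echo '<h1>Settings: ' . esc_html( $tab ) . '</h1>';

    // Build the link with add_query_arg() and escape it with esc_url() for the href context.
    $url = add_query_arg(
        array( 'page' => 'my-seo-tools', 'tab' => $tab ),
        admin_url( 'tools.php' )
    );
    echo '<a href="' . esc_url( $url ) . '">Reload</a>';
}
```

The capability check (`manage_options`) is no defence here, because reflected XSS is delivered to the user who already has that capability. The fix is context-aware escaping on output (`esc_html()` for text, `esc_url()` for an `href`, `esc_attr()` for other attributes), with input sanitization and an allow-list as defence in depth.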

All websites using Yoast SEO are urged to update immediately. According to WordPress.org, the plugin is active on more than 5 million WordPress installations.


Web security company Wordfence has added firewall rules to protect its users against any exploit attempts targeting this flaw.

They awarded Bassem Essam a bug bounty of $563 for reporting the vulnerability.

“This vulnerability requires users to click a link to succeed and is a reminder for site administrators and users to follow best security practices and avoid clicking links from untrusted sources,” said Ram Gall, quality control engineer at Defiant, the company behind Wordfence.

Yoast SEO is the most popular WordPress plugin for search engine optimization, which makes this a particularly significant vulnerability.

Website owners using the plugin should upgrade to version 22.6 or later as soon as possible.

Administrators are also encouraged to review their sites for any signs of suspicious activity.

The incident highlights the importance of keeping WordPress plugins up-to-date and the key role bug bounty programs play in responsibly disclosing vulnerabilities.

More details about the flaw and a timeline of its discovery and patching are available on the Wordfence blog.


About the Author: Ted Simmons

I follow and report the current news trends on Google news.
