Intrusion Prevention

WordPress.Yoast.SEO.XSS

Description

This indicates the detection of an attack attempt against a Cross-Site Scripting (XSS) vulnerability in WordPress Yoast SEO plugin.
The vulnerability is due to insufficient sanitization of user supplied data. A remote attacker maybe able to exploit this to execute arbitrary script code within the context of the application.

Affected Products

Yoast SEO plugin prior to 5.8.0

Impact

System Compromise : Remote attackers can execute arbitrary script code in the context of the affected site.

Recommended Actions

Upgrade to the latest version available from the website.
https://wordpress.org/plugins/wordpress-seo/#developers

CVE References

CVE-2017-16842