CVE-2023-40680

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-40680

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-40680.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-40680

Published

2023-11-30T13:15:07.927Z

Modified

2026-04-10T05:57:28.062700Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0.

References

https://patchstack.com/database/vulnerability/wordpress-seo/wordpress-yoast-seo-plugin-21-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Affected packages

Git / github.com/yoast/wordpress-seo

Affected ranges

Type

GIT

Repo

https://github.com/yoast/wordpress-seo

Events

Introduced

Last affected

bb25730ea60d1f4540df36e5463994d87cef4fa2

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "21.0"
        }
    ]
}

Affected versions

1.*

1.4.15

1.4.18

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.5.0

1.5.1

1.5.2

1.5.2.1

1.5.2.2

1.5.2.3

1.5.2.4

1.5.5

1.5.5.1

1.5.5.2

1.5.5.3

1.5.6

1.6

1.6.1

1.6.2

1.6.3

1.8-beta

10.*

10.0

10.0.1

10.1

10.1.1

10.1.2

10.1.3

11.*

11.0

11.1

11.1.1

11.2

11.2.1

11.3

11.4

11.5

11.6

11.7

11.8

11.9

12.*

12.0

12.1

12.2

12.3

12.4

12.5

12.5.1

12.6

12.6.1

12.6.2

12.7

12.7.1

12.8

12.8.1

12.9

12.9.1

13.*

13.0

13.1

13.2

13.3

13.4

13.5

14.*

14.0

14.0.1

14.0.2

14.0.3

14.0.4

14.1

14.2

14.3

14.4

14.4.1

14.5

14.6

14.6.1

14.7

14.8

14.8.1

14.9

15.*

15.0

15.1

15.1.1

15.2

15.2.1

15.3

15.4

15.5

15.6

15.6.1

15.6.2

15.7

15.8

15.8.1-RC1

15.9

15.9.1

15.9.2

16.*

16.0

16.0.1

16.0.2

16.1

16.1.1

16.2

16.3

16.4

16.5

16.6

16.6.1

16.7

16.8

16.9

17.*

17.0

17.1

17.2

17.2.1

17.3

17.4

17.5

17.6

17.7

17.7.1

17.8

17.9

18.*

18.0

18.1

18.2

18.3

18.4.1

18.5

18.5.1

18.6

18.7

18.8

18.9

19.*

19.0

19.1

19.10

19.11

19.12

19.13

19.14

19.2

19.3

19.4

19.5

19.5.1

19.6

19.6.1

19.7

19.7.1

19.7.2

19.8

19.9

2.*

2.0

2.0.1

2.1

2.1.1

2.2

2.2.1

2.3

2.3.1

2.3.2

20.*

20.0

20.1

20.10

20.11

20.12

20.13

20.2

20.2.1

20.3

20.4

20.5

20.6

20.7

20.8

20.9

21.*

21.0

3.*

3.0

3.0.1

3.0.2

3.0.3

3.0.4

3.0.5

3.0.6

3.3.1

3.4

3.7.0

4.*

4.5

4.6

4.7

4.8

4.9

5.*

5.1

5.2

5.3

5.3.1

5.3.2

5.3.3

5.4.0

5.4.1

5.4.2

5.5

5.5.1

5.6

5.6.1

5.7

5.7.1

5.8

5.9

5.9.1

5.9.2

5.9.3

6.*

6.0

6.1

6.1.1

6.2

6.3

6.3.1

7.*

7.0

7.0.1

7.0.2

7.0.3

7.1

7.2

7.3

7.4

7.4.1

7.4.2

7.5

7.5.1

7.5.3

7.6

7.6.1

7.7

7.7.1

7.7.2

7.7.3

7.8

7.9

7.9.1

8.*

8.0

8.1

8.1.1

8.1.2

8.2

8.2.1

8.3

8.4

9.*

9.0

9.0.1

9.0.2

9.0.3

9.1

9.2

9.2.1

9.3

9.4

9.5

9.6

9.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-40680.json"