Yoast SEO Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4984 | WordPress Plugin Vulnerability Report
Plugin Name: Yoast SEO
Key Information:
- Software Type: Plugin
- Software Slug: wordpress-seo
- Software Status: Active
- Software Author: yoast
- Software Downloads: 678,383,360
- Active Installs: 10,000,000
- Last Updated: May 14, 2024
- Patched Versions: 22.7
- Affected Versions: <= 22.6
Vulnerability Details:
- Name: Yoast SEO <= 22.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
- Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE: CVE-2024-4984
- CVSS Score: 6.4 (Medium)
- Publicly Published: May 14, 2024
- Researcher: rob006
- Description: The Yoast SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'display_name' author meta in all versions up to, and including, 22.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Summary:
The Yoast SEO plugin for WordPress has a vulnerability in versions up to and including 22.6 that allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages via the 'display_name' author meta due to insufficient input sanitization and output escaping. This vulnerability has been patched in version 22.7.
Detailed Overview:
The vulnerability was discovered by researcher rob006 and publicly published on May 14, 2024. It is a Stored Cross-Site Scripting vulnerability that exists in the Yoast SEO plugin for WordPress, affecting all versions up to and including 22.6. The vulnerability is caused by insufficient input sanitization and output escaping of the 'display_name' author meta, which allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts in pages. These scripts will execute whenever a user accesses an injected page, potentially leading to unauthorized actions or theft of sensitive information.
Advice for Users:
- Immediate Action: Users are strongly encouraged to update their Yoast SEO plugin to version 22.7 or later to ensure their WordPress installations are protected against this vulnerability.
- Check for Signs of Vulnerability: Users should review their WordPress site for any suspicious or unauthorized content, especially in author display names, which may indicate that the vulnerability has been exploited.
- Alternate Plugins: While a patch is available, users might still consider plugins that offer similar functionality as a precaution.
- Stay Updated: Always ensure that your plugins are updated to the latest versions to avoid vulnerabilities.
The prompt response from the Yoast SEO developers to patch this vulnerability underscores the importance of timely updates. Users are advised to ensure that they are running version 22.7 or later to secure their WordPress installations.
References:
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wordpress-seo
Detailed Report:
As a website owner, keeping your site secure should always be a top priority. The recent discovery of a vulnerability in the widely-used Yoast SEO plugin for WordPress underscores the critical importance of regularly updating your plugins and staying informed about potential security risks. In this blog post, we'll discuss the details of the Yoast SEO vulnerability, the risks it poses to your website, and the steps you can take to protect your site and your users.
About Yoast SEO
Yoast SEO is a popular WordPress plugin that helps website owners optimize their content for search engines. With over 10 million active installations, it is one of the most widely-used SEO plugins for WordPress. The plugin is developed by Yoast, a well-known company in the WordPress community.
The Vulnerability
On May 14, 2024, researcher rob006 publicly disclosed a Stored Cross-Site Scripting (XSS) vulnerability in the Yoast SEO plugin. The vulnerability, identified as CVE-2024-4984, affects all versions of the plugin up to and including 22.6. It allows authenticated attackers with contributor-level access and above to inject arbitrary web scripts into pages via the 'display_name' author meta due to insufficient input sanitization and output escaping.
Risks and Potential Impacts
If left unpatched, this vulnerability could lead to serious consequences for your website and your users. Attackers could inject malicious scripts into your pages, which would execute whenever a user accesses an injected page. This could result in unauthorized actions, theft of sensitive user information, and damage to your website's reputation.
Remediating the Vulnerability
To protect your website from this vulnerability, it is crucial to update your Yoast SEO plugin to version 22.7 or later. This version includes a patch that addresses the Stored XSS vulnerability. If you're unsure whether your site has been compromised, review your WordPress site for any suspicious or unauthorized content, especially in author display names.
In addition to updating the plugin, consider the following best practices:
- If you're not comfortable updating the plugin yourself, reach out to your web developer or hosting provider for assistance.
- Consider using alternate plugins that offer similar functionality as a precaution.
- Always ensure that your plugins, themes, and WordPress core are updated to the latest versions to avoid vulnerabilities.
Previous Vulnerabilities
It's worth noting that this is not the first vulnerability found in the Yoast SEO plugin. Since October 2012, there have been 15 previous vulnerabilities reported. This highlights the ongoing need for vigilance in maintaining the security of your WordPress site.
The Importance of Staying on Top of Security Vulnerabilities
As a small business owner, you likely have a lot on your plate, and staying on top of website security may not always be at the forefront of your mind. However, the consequences of a compromised website can be severe, including loss of customer trust, financial damage, and harm to your brand's reputation.
By making website security a priority and staying informed about potential vulnerabilities, you can take proactive steps to protect your site and your users. This includes regularly updating your plugins, themes, and WordPress core, monitoring your site for signs of compromise, and partnering with trusted web developers or hosting providers who can help you navigate the ever-changing landscape of website security.
Remember, the security of your website is not something to be taken lightly. By staying vigilant and taking prompt action when vulnerabilities are discovered, you can significantly reduce the risk of falling victim to attacks and ensure the long-term success of your online presence.
Security vulnerabilities like this one demonstrate the importance of having WordPress experts regularly monitor, maintain and update your site. At Your WP Guy, we offer ongoing management to handle updates, security monitoring, backups, uptime and support so you can stop worrying and get back to growing your business.
Let us fully audit your site to check for any signs of this vulnerability or other issues. We'll immediately update any out-of-date plugins and harden your site's security. Chat with us anytime during business hours, schedule a call or call 678-995-5169 to lock down your online presence.