WordPress Plugin Yoast Duplicate Post Version Disclosure

Summary#

Invicti detected a version disclosure in WordPress plugin.

These plugins are used to extend the functionality of WordPress and are mostly developed by external developers and not by the WordPress maintainers. It is advised to keep the number of plugins at the required minimum to avoid increasing the attack surface.

This information can help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of WordPress Plugin discovered.

Impact#

Since this is an old version of the plugin, it may be vulnerable to attacks.

Classifications#

CWE-205, WASC-13, OWASP 2017-A6, ISO27001-A.18.1.3, HIPAA-164.306(a), 164.308(a), OWASP 2013-A5, CAPEC-170

WordPress Plugin Yoast Duplicate Post Version Disclosure

Related Articles

Build your resistance to threats. And save hundreds of hours each month.