CVE-2023-28775
- Source
- https://cve.org/CVERecord?id=CVE-2023-28775
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-28775.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-28775
- Published
- 2024-06-11T09:16:19.210Z
- Modified
- 2026-05-28T04:08:35.303550967Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerability
- Details
-
Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28775.json", "cwe_ids": [ "CWE-862" ], "cna_assigner": "Patchstack", "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "20.4" } ], "source": "AFFECTED_FIELD" }, { "extracted_events": [ { "fixed": "20.4" } ], "source": "DESCRIPTION" } ] }- References
-
- https://wordpress.org/plugins
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/28xxx/CVE-2023-28775.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-28775
- https://patchstack.com/database/vulnerability/wordpress-seo-premium/wordpress-yoast-seo-premium-plugin-20-4-unauthenticated-zapier-api-key-reset-vulnerability?_s_id=cve
Affected packages
Git / github.com/yoast/wordpress-seo
Affected ranges
- Type
- GIT
- Repo
- https://github.com/yoast/wordpress-seo
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "fixed": "20.5" } ], "cpe": "cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:*", "source": "CPE_RANGE" }
Affected versions
1.*
1.4.15
1.4.18
1.4.20
1.4.21
1.4.22
1.4.23
1.4.24
1.4.25
1.5.0
1.5.1
1.5.2
1.5.2.1
1.5.2.2
1.5.2.3
1.5.2.4
1.5.5
1.5.5.1
1.5.5.2
1.5.5.3
1.5.6
1.6
1.6.1
1.6.2
1.6.3
1.8-beta
10.*
10.0
10.0.1
10.1
10.1.1
10.1.2
10.1.3
11.*
11.0
11.1
11.1.1
11.2
11.2.1
11.3
11.4
11.5
11.6
11.7
11.8
11.9
12.*
12.0
12.1
12.2
12.3
12.4
12.5
12.5.1
12.6
12.6.1
12.6.2
12.7
12.7.1
12.8
12.8.1
12.9
12.9.1
13.*
13.0
13.1
13.2
13.3
13.4
13.5
14.*
14.0
14.0.1
14.0.2
14.0.3
14.0.4
14.1
14.2
14.3
14.4
14.4.1
14.5
14.6
14.6.1
14.7
14.8
14.8.1
14.9
15.*
15.0
15.1
15.1.1
15.2
15.2.1
15.3
15.4
15.5
15.6
15.6.1
15.6.2
15.7
15.8
15.8.1-RC1
15.9
15.9.1
15.9.2
16.*
16.0
16.0.1
16.0.2
16.1
16.1.1
16.2
16.3
16.4
16.5
16.6
16.6.1
16.7
16.8
16.9
17.*
17.0
17.1
17.2
17.2.1
17.3
17.4
17.5
17.6
17.7
17.7.1
17.8
17.9
18.*
18.0
18.1
18.2
18.3
18.4.1
18.5
18.5.1
18.6
18.7
18.8
18.9
19.*
19.0
19.1
19.10
19.11
19.12
19.13
19.14
19.2
19.3
19.4
19.5
19.5.1
19.6
19.6.1
19.7
19.7.1
19.7.2
19.8
19.9
2.*
2.0
2.0.1
2.1
2.1.1
2.2
2.2.1
2.3
2.3.1
2.3.2
20.*
20.0
20.1
20.2
20.2.1
20.3
20.4
3.*
3.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.3.1
3.4
3.7.0
4.*
4.5
4.6
4.7
4.8
4.9
5.*
5.1
5.2
5.3
5.3.1
5.3.2
5.3.3
5.4.0
5.4.1
5.4.2
5.5
5.5.1
5.6
5.6.1
5.7
5.7.1
5.8
5.9
5.9.1
5.9.2
5.9.3
6.*
6.0
6.1
6.1.1
6.2
6.3
6.3.1
7.*
7.0
7.0.1
7.0.2
7.0.3
7.1
7.2
7.3
7.4
7.4.1
7.4.2
7.5
7.5.1
7.5.3
7.6
7.6.1
7.7
7.7.1
7.7.2
7.7.3
7.8
7.9
7.9.1
8.*
8.0
8.1
8.1.1
8.1.2
8.2
8.2.1
8.3
8.4
9.*
9.0
9.0.1
9.0.2
9.0.3
9.1
9.2
9.2.1
9.3
9.4
9.5
9.6
9.7