Yoast SEO 9.1 Vulnerability Could Allow Command Execution

A few days ago, a researcher discovered a serious security flaw in Yoast plugin. This Yoast SEO 9.1 Vulnerability could allow an attacker to execute arbitrary commands. Fortunately, Yoast has patched the flaw in the recent release 9.2. Therefore, the users should ensure upgrading to the latest version to stay protected from potential attacks.

Yoast SEO 9.1 Vulnerability Discovered

As disclosed by Search Engine Journal in a blog post, a security researcher has discovered a Yoast SEO 9.1 vulnerability that remained unannounced. As per his findings, the flaw could an attacker to execute arbitrary commands on the target system.

The researcher Dimopoulos Ilias, with alias gweeperx on Twitter, first disclosed his findings in his tweet. He allegedly broke the news after the fix.

According to SEJ, Ilias found a race condition vulnerability in Yoast SEO 9.1 (CVE-2018-19370). To exploit this vulnerability, an attacker could simply convince the victim to open a specially crafted file. As stated in the security advisory,

“A Race condition vulnerability in unzip_file in admin/import/class-import-settings.php in the Yoast SEO (wordpress-seo) plugin before 9.2.0 for WordPress allows an SEO Manager to perform command execution on the Operating System via a ZIP import.”

In addition to the write-up, the researcher has also demonstrated the exploit in a video.

Update To Yoast SEO 9.2

The vulnerability disclosed herewith allegedly affected Yoast SEO 9.1 and earlier versions. Also, it potentially worked for SEO Manager roles only.

After knowing about the flaw, Yoast immediately patched it and released the fixed version 9.2. Although the patch is available, the problem lies because of several unpatched systems. According to Yoast SEO Plugin stats, only 23.7% out of the total active users have yet upgraded to v.9.2. It means a large number of Yoast SEO users remain exposed to the flaw.

It is highly recommended to download the latest Yoast SEO 9.2 to stay protected from potential hacks.

Related posts

NachoVPN Attack Risks Corporate VPN Clients

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

Anti-Spam WordPress Plugin Vulnerabilities Risked 200K+ Websites