Skip to main content

Yoast Seo Premium

1 CVEs product

Monthly

CVE-2026-40722 MEDIUM This Month

Missing authorization controls in Yoast SEO Premium (WordPress plugin by Yoast BV) allow a network-accessible, highly privileged authenticated user to exploit incorrectly configured access control levels, yielding low-severity integrity and availability impact with a scope change that extends beyond the plugin itself into the broader WordPress environment. Affecting all versions through 26.6, this is a CWE-862 (Missing Authorization) flaw reported by Patchstack. No public exploit code or active exploitation via CISA KEV has been identified at time of analysis.

Authentication Bypass Yoast Seo Premium
NVD
CVSS 3.1
5.5
EPSS
0.3%
EPSS 0% CVSS 5.5
MEDIUM This Month

Missing authorization controls in Yoast SEO Premium (WordPress plugin by Yoast BV) allow a network-accessible, highly privileged authenticated user to exploit incorrectly configured access control levels, yielding low-severity integrity and availability impact with a scope change that extends beyond the plugin itself into the broader WordPress environment. Affecting all versions through 26.6, this is a CWE-862 (Missing Authorization) flaw reported by Patchstack. No public exploit code or active exploitation via CISA KEV has been identified at time of analysis.

Authentication Bypass Yoast Seo Premium
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy