The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-02-28T09:06:38
Updated: 2024-08-03T19:56:10.582Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-25118
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-28T09:15:08.720
Modified: 2024-11-21T05:54:23.220
Link: CVE-2021-25118
Redhat
No data.