CVE-2021-25118 (GCVE-0-2021-25118)

Vulnerability from cvelistv5 – Published: 2022-02-28 09:06 – Updated: 2024-08-03 19:56
VLAI
Title
Yoast SEO 16.7-17.2 - Unauthenticated Full Path Disclosure
Summary
The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Unknown Yoast SEO Affected: 16.7 , < 16.7* (custom)
Affected: 17.3 , < 17.3 (custom)
Create a notification for this product.
Credits
Fariq Fadillah Gusti Insani
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T19:56:10.582Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://plugins.trac.wordpress.org/changeset/2608691"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Yoast SEO",
          "vendor": "Unknown",
          "versions": [
            {
              "lessThan": "16.7*",
              "status": "affected",
              "version": "16.7",
              "versionType": "custom"
            },
            {
              "lessThan": "17.3",
              "status": "affected",
              "version": "17.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Fariq Fadillah Gusti Insani"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-19T14:00:40.000Z",
        "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
        "shortName": "WPScan"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://plugins.trac.wordpress.org/changeset/2608691"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Yoast SEO 16.7-17.2 - Unauthenticated Full Path Disclosure",
      "x_generator": "WPScan CVE Generator",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "contact@wpscan.com",
          "ID": "CVE-2021-25118",
          "STATE": "PUBLIC",
          "TITLE": "Yoast SEO 16.7-17.2 - Unauthenticated Full Path Disclosure"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Yoast SEO",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_name": "16.7",
                            "version_value": "16.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "17.3",
                            "version_value": "17.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Unknown"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Fariq Fadillah Gusti Insani"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities."
            }
          ]
        },
        "generator": "WPScan CVE Generator",
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200 Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550",
              "refsource": "MISC",
              "url": "https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550"
            },
            {
              "name": "https://plugins.trac.wordpress.org/changeset/2608691",
              "refsource": "CONFIRM",
              "url": "https://plugins.trac.wordpress.org/changeset/2608691"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
    "assignerShortName": "WPScan",
    "cveId": "CVE-2021-25118",
    "datePublished": "2022-02-28T09:06:38.000Z",
    "dateReserved": "2021-01-14T00:00:00.000Z",
    "dateUpdated": "2024-08-03T19:56:10.582Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-25118",
      "date": "2026-05-31",
      "epss": "0.3533",
      "percentile": "0.97132"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:*\", \"versionStartIncluding\": \"16.7\", \"versionEndExcluding\": \"17.3\", \"matchCriteriaId\": \"888F804E-CC6E-4489-AE83-337FDF3D8F7A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.\"}, {\"lang\": \"es\", \"value\": \"El plugin Yoast SEO WordPress (desde la versi\\u00f3n 16.7 hasta la 17.2) revela la ruta interna completa de las im\\u00e1genes destacadas en las entradas a trav\\u00e9s de los puntos finales REST wp/v2/posts, lo que podr\\u00eda ayudar a un atacante a identificar otras vulnerabilidades o ayudar durante la explotaci\\u00f3n de otras vulnerabilidades identificadas\"}]",
      "id": "CVE-2021-25118",
      "lastModified": "2024-11-21T05:54:23.220",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-02-28T09:15:08.720",
      "references": "[{\"url\": \"https://plugins.trac.wordpress.org/changeset/2608691\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550\", \"source\": \"contact@wpscan.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://plugins.trac.wordpress.org/changeset/2608691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "contact@wpscan.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"contact@wpscan.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-25118\",\"sourceIdentifier\":\"contact@wpscan.com\",\"published\":\"2022-02-28T09:15:08.720\",\"lastModified\":\"2024-11-21T05:54:23.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities.\"},{\"lang\":\"es\",\"value\":\"El plugin Yoast SEO WordPress (desde la versi\u00f3n 16.7 hasta la 17.2) revela la ruta interna completa de las im\u00e1genes destacadas en las entradas a trav\u00e9s de los puntos finales REST wp/v2/posts, lo que podr\u00eda ayudar a un atacante a identificar otras vulnerabilidades o ayudar durante la explotaci\u00f3n de otras vulnerabilidades identificadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"contact@wpscan.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:*\",\"versionStartIncluding\":\"16.7\",\"versionEndExcluding\":\"17.3\",\"matchCriteriaId\":\"888F804E-CC6E-4489-AE83-337FDF3D8F7A\"}]}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/changeset/2608691\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550\",\"source\":\"contact@wpscan.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://plugins.trac.wordpress.org/changeset/2608691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.