CVE-2023-28775
WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated Zapier API Key Reset vulnerabilityMissing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4.
We have discovered 116,153 live websites that are affected by CVE-2023-28775.
Affected Software
| Product |  Yoast SEO Premium |
| Category | Search Engine Optimization |
| Vulnerable Domains | 116,153 live websites (41.09% of Yoast SEO Premium install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 246 versions ( 82.27% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Jun 11, 2024
- Updated - Aug 2, 2024
Credits
- Rafie Muhammad (Patchstack) (finder)
CWE
CVE References
CWE References
CVE-2023-28775 usage by Country
 United States | 51,247 websites |
 Germany | 9,545 websites |
 Iran | 5,698 websites |
 Vietnam | 4,746 websites |
 Russia | 4,417 websites |
 France | 4,367 websites |
 GB | 3,568 websites |
 Italy | 2,532 websites |
 Cyprus | 2,159 websites |
 Spain | 1,981 websites |
CVE-2023-28775 usage by TLD
| .com | 58,374 websites |
| .ru | 3,729 websites |
| .org | 3,710 websites |
| .de | 3,035 websites |
| .net | 2,942 websites |
| .com.br | 2,737 websites |
| .co.uk | 2,675 websites |
| .it | 2,192 websites |
| .com.au | 1,997 websites |
| .nl | 1,879 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-28775
Top websites that are affected by CVE-2023-28775. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *********.com | United States | *** | |
| ************.com | United States | *,*** | |
| ***********.com | United States | *,*** | |
| ******.com | United States | *,*** | |
| ******.com | United States | *,*** | |
| *******.com | United States | *,*** | |
| **************.com | United States | *,*** | |
| *************.com | United States | *,*** | |
| *****.com | United States | *,*** | |
| ***.org | United States | *,*** |
FAQ
CVE-2023-28775 is Missing Authorization in Yoast SEO Premium
A total of 116,153 websites have been identified as vulnerable to CVE-2023-28775, based on global website indexing conducted by WebTechSurvey.
The Yoast SEO Premium is affected by the CVE-2023-28775 vulnerability.
Yoast SEO Premium versions up to and including 20.4 are vulnerable to CVE-2023-28775.