CVE-2025-14481— Yoast SEO <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via 'post_id' Parameter
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1530 · Data from Cloud StorageAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| yoast | Yoast SEO – Advanced SEO with real-time guidance and built-in AI | ≤ 26.5 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-14481
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Yoast SEO <= 26.5 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Exposure via 'post_id' Parameter
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Yoast SEO plugin for WordPress is vulnerable to Insecure Direct Object References in all versions up to, and including, 26.5. This is due to insufficient authorization checks in the Meta Search REST API endpoint that fail to verify post ownership. This makes it possible for authenticated attackers, with Contributor-level access and above, to read sensitive SEO metadata from any post on the site via the 'post_id' parameter, including posts owned by other users, private posts, and draft posts.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| yoast | Yoast SEO – Advanced SEO with real-time guidance and built-in AI | 0 ~ 26.5 | - |
II. Public POCs for CVE-2025-14481
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-14481
请登录查看更多情报信息。
Patches & Fixes for CVE-2025-14481 (2)
Other References for CVE-2025-14481 (1)
IV. Related Vulnerabilities
Same vendor: yoast
- CVE-2026-3427
Yoast SEO <= 27.1.1 - Authenticated (Contributor+) Stored Cr - CVE-2026-1217
Yoast Duplicate Post <= 4.5 - Authenticated (Contributor+) M - CVE-2019-25314
Duplicate-Post 3.2.3 - Persistent Cross-Site Scripting - CVE-2026-1293
Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cros - CVE-2023-28775
WordPress Yoast SEO Premium plugin <= 20.4 - Unauthenticated
Same weakness: CWE-862
- CVE-2026-2601
Missing Authorization in GitLab - CVE-2026-5296
Missing Authorization in GitLab - CVE-2026-45717
Budibase: `PUT /api/datasources/:datasourceId` is protected - CVE-2026-46425
Budibase: SCIM endpoints lack role-based authorization, BASI - CVE-2026-48151
Budibase: Webhook schema endpoint authorization bypass allow
V. Comments for CVE-2025-14481
No comments yet