cleantalk
Vulnerabilities and Security Researches

Yoast Duplicate Post, CVE-2019-25314

CVE, Research URL

CVE-2019-25314

Home page URL

Security reports for Yoast Duplicate Post

Application

Yoast Duplicate Post

Published on
Feb 11, 2026
Research Description
Yoast Duplicate-Post WordPress Plugin 3.2.3 contains a persistent cross-site scripting vulnerability in plugin settings parameters. Attackers can inject malicious scripts into title prefix, suffix, menu order, and blacklist fields to execute arbitrary JavaScript in admin interfaces.
Affected versions
max 3.2.3.
Status
vulnerable
Previous vulnerability researches
Availability Calendar (CVE-2025-46528) , Apr 26, 2025
Availability Calendar (CVE-2023-48744) , Jun 07, 2024
Availability Calendar (CVE-2021-24604) , Jun 07, 2024
Availability Calendar (CVE-2021-24606) , Jun 07, 2024
WP iCal Availability (CVE-2023-46607) , Jun 10, 2024
New vulnerability
Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics (CVE-2026-25407) , Feb 27, 2026
WP Activity Log (CVE-2026-25331) , Feb 27, 2026
Yoast Duplicate Post (CVE-2019-25314) , Feb 27, 2026
User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (CVE-2025-15030) , Feb 27, 2026
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2026-23543) , Feb 27, 2026