Welcome to WebmasterWorld Guest from 18.104.22.168
A remote unauthenticated attacker could use this vulnerability to execute arbitrary SQL queries on the victim WordPress web site by enticing an authenticated admin, editor or author user to click on a specially crafted link or visit a page they control.
One possible attack scenario would be an attacker adding their own administrative user to the target WordPress site, allowing them to compromise the entire web site. WordPress Yoast SEO Plugin Serious Vulnerability [grahamcluley.com]
[edited by: engine at 9:44 am (utc) on Mar 16, 2015]