Cross Site Scripting Vulnerability in Surbma | Yoast SEO Breadcrumb Shortcode
CVE-2026-57764
6.5MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 2 July 2026
What is CVE-2026-57764?
A Cross Site Scripting (XSS) vulnerability exists in the Surbma | Yoast SEO Breadcrumb Shortcode plugin versions up to 1.2, allowing attackers to inject malicious scripts. This could potentially lead to data theft or unauthorized actions on behalf of users who visit the compromised site. It is crucial for users and site administrators to update their plugins to mitigate this risk and maintain overall website security.
Affected Version(s)
Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2