Title: Cross Scripting Warning
Last modified: November 16, 2017

---

# Cross Scripting Warning

 *  Resolved [Rik0399](https://wordpress.org/support/users/rik0399/)
 * (@rik0399)
 * [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/)
 * Hi,
 * Should I be concerned about this :
 * [https://wpvulndb.com/vulnerabilities/8960](https://wpvulndb.com/vulnerabilities/8960)
 * Many Thanks

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [wpdevuk](https://wordpress.org/support/users/wpdevuk/)
 * (@wpdevuk)
 * [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/#post-9692747)
 * I’m also curious about this. I can’t see any reference to XSS fixes in the changelog.
 *  [Md Mazedul Islam Khan](https://wordpress.org/support/users/mazedulislamkhan/)
 * (@mazedulislamkhan)
 * [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/#post-9693084)
 * [@rik0399](https://wordpress.org/support/users/rik0399/) If you’re running the
   Yoast SEO v5.7.1, please update your plugin to the latest version 5.8 as it was
   fixed in the latest version.
 * [@wpdevuk](https://wordpress.org/support/users/wpdevuk/) While the changelog 
   says nothing about this, we can confirm that it has been fixed in the Yoast SEO
   v5.8. We recommend you please update your plugin to the latest version.
 *  [wpdevuk](https://wordpress.org/support/users/wpdevuk/)
 * (@wpdevuk)
 * [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/#post-9693184)
 * [@mazedulislamkhan](https://wordpress.org/support/users/mazedulislamkhan/) thanks
   for the fast response. As someone who manages a lot of sites I often keep an 
   eye on changelogs to see whether an update is security related and therefore 
   time sensitive. Is there a reason this vulnerability is not included? Will future
   security issues be disclosed publicly or do we need to rely on third party sites
   to alert us? Thank you for all your work.
 *  [Taco Verdonschot](https://wordpress.org/support/users/tacoverdo/)
 * (@tacoverdo)
 * [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/#post-9695638)
 * We were alerted to this issue after we already fixed it by refactoring that part
   of Yoast SEO. As a result, there was no specific pull request to resolve this
   particular issue.
 * And as a result of that, when going over the commits to create the changelog,
   we missed that we fixed this issue in the process.
 * We’ll keep an extra eye out for situations like this in the future, so that security
   fixes are always in the changelog.
 * TL;DR: it should have been in the changelog, but we missed that we’d resolved
   it when writing the changelog. In the future, all (security) fixes will be listed.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Cross Scripting Warning’ is closed to new replies.

 * ![](https://ps.w.org/wordpress-seo/assets/icon-256x256.gif?rev=3419908)
 * [Yoast SEO - Advanced SEO with real-time guidance and built-in AI](https://wordpress.org/plugins/wordpress-seo/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordpress-seo/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordpress-seo/)
 * [Active Topics](https://wordpress.org/support/plugin/wordpress-seo/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordpress-seo/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordpress-seo/reviews/)

 * 4 replies
 * 4 participants
 * Last reply from: [Taco Verdonschot](https://wordpress.org/support/users/tacoverdo/)
 * Last activity: [8 years, 6 months ago](https://wordpress.org/support/topic/cross-scripting-warning/#post-9695638)
 * Status: resolved