Impact
This vulnerability is an instance of Improper Neutralization of Input During Web Page Generation, identified as CWE-79. The Turn Yoast SEO FAQ Block to Accordion plugin stores user-supplied FAQ content without proper sanitization, allowing an attacker to inject malicious JavaScript that runs in the browsers of users who view the affected pages. A successful exploit could result in defacement, theft of session cookies, or arbitrary code execution within the victim's browser context.
Affected Systems
Vulnerable versions of the Turn Yoast SEO FAQ Block to Accordion plugin, released by vendor yasir129, include all releases up to and including version 1.0.6. The plugin operates on WordPress sites; therefore any WordPress installation that has not upgraded beyond 1.0.6 is potentially exposed.
Risk and Exploitability
The CVSS score of 6.5 indicates moderate severity, while the EPSS score of less than 1% points to a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the flaw is a stored XSS that can only be triggered by a user who can submit or edit FAQ entries; in practice this typically requires editor or administrator privileges within the WordPress dashboard. The attack vector therefore depends on the attacker's ability to inject content into the plugin's FAQ block, either through the normal creation interface or via an elevated account.
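As an added illustration (not code from the plugin or from this advisory), the following WordPress PHP contrasts the unsafe pattern the description implies, stored FAQ content echoed verbatim, with a hardened equivalent that filters on save and escapes on output. The function names, the shape of the entries array and the option name are hypothetical; only the WordPress API functions called are real.

```php
<?php
// Added illustration, not code from the Turn Yoast SEO FAQ Block to Accordion plugin.
// Assumes a hypothetical array of FAQ entries with 'question' and 'answer' keys
// and a hypothetical option name 'hyp_faq_entries'.

// Vulnerable pattern: stored content is written into the page unchanged,
// so any markup saved in a question or answer is interpreted by the browser.
function hyp_render_faq_unsafe( array $entries ): string {
    $html = '<div class="faq-accordion">';
    foreach ( $entries as $entry ) {
        $html .= '<h3 class="faq-question">' . $entry['question'] . '</h3>';
        $html .= '<div class="faq-answer">' . $entry['answer'] . '</div>';
    }
    return $html . '</div>';
}

// Hardened pattern, step 1: check capability and filter before storing.
function hyp_save_faq_entries( array $raw ): void {
    if ( ! current_user_can( 'edit_posts' ) ) {
        return;
    }
    $clean = array();
    foreach ( $raw as $entry ) {
        $clean[] = array(
            // Questions are plain text: strip tags, octets and line breaks.
            'question' => sanitize_text_field( $entry['question'] ?? '' ),
            // Answers may carry formatting: keep only the post-safe HTML
            // allow-list, which drops <script>, on* handlers and javascript: URLs.
            'answer'   => wp_kses_post( $entry['answer'] ?? '' ),
        );
    }
    update_option( 'hyp_faq_entries', $clean );
}

// Hardened pattern, step 2: escape again at output, since stored data may
// predate the save filter or have been written by another code path.
function hyp_render_faq_safe( array $entries ): string {
    $html = '<div class="faq-accordion">';
    foreach ( $entries as $entry ) {
        $html .= '<h3 class="faq-question">' . esc_html( $entry['question'] ) . '</h3>';
        $html .= '<div class="faq-answer">' . wp_kses_post( $entry['answer'] ) . '</div>';
    }
    return $html . '</div>';
}
```

Filtering only at save time is not sufficient on its own, because entries stored before the fix remain in the database; the output-side escaping is what neutralizes them.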
OpenCVE Enrichment