240 matches found
WordPress plugin Rank Math SEO 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
PT-2024-17142 · Unknown · Rank Math Seo
Name of the Vulnerable Software and Affected Versions: Rank Math SEO versions 1.0.2 through 1.0.231 Description: A Code Injection vulnerability exists in Rank Math SEO, allowing improper control of code generation. This issue enables code injection, potentially leading to security breaches. The...
Rank Math SEO with AI SEO Tools Plugin < 1.0.229 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rankmath:seo"; ifdescription...
WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability
Arbitrary .htaccess Overwrite to Remote Code Execution RCE vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Rank Math SEO versions = 1.0.231...
WordPress Rank Math SEO Plugin <= 1.0.231 is vulnerable to Remote Code Execution (RCE)
Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.231 Fixed in 1.0.232 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-11620 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID fa39a0816eed Credits Rafie Muhammad Patchstack...
VulnCheck KEV: CVE-2024-9161
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for...
WordPress Rank Math SEO plugin <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete vulnerability
Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete vulnerability discovered by Leo in WordPress Plugin Rank Math SEO versions = 1.0.228...
WordPress Rank Math SEO plugin <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection vulnerability
Authenticated Administrator+ PHP Object Injection vulnerability discovered by Leo in WordPress Plugin Rank Math SEO versions = 1.0.228...
WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to Broken Access Control
Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9161 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ca30124e345e Credits Leo Required privilege...
WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to PHP Object Injection
Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-9314 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID d4844a229841 Credits Leo Required privilege Administrator...
CVE-2024-9314
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...
CVE-2024-9314
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...
CVE-2024-9161
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...
CVE-2024-9314 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...
CVE-2024-9314 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...
CVE-2024-9314
Rank Math SEO – AI Tools to Dominate SEO Rankings (WordPress) is affected by CVE-2024-9314: authenticated administrators can deserialise untrusted input via the set_redirections path, enabling PHP Object Injection in versions up to and including 1.0.228. The vulnerability description notes that n...
CVE-2024-9161 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...
CVE-2024-9161 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...
CVE-2024-9161
The CVE-2024-9161 entry affects the WordPress plugin Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (versions up to 1.0.228). The root cause is a missing capability check in the function update_metadata , which allows unauthenticated users to insert, update, or delete metadata (including u...
WordPress plugin Rank Math SEO 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...