Lucene search
K

240 matches found

CNNVD
CNNVD
added 2024/11/28 12:0 a.m.4 views

WordPress plugin Rank Math SEO 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

7.2CVSS8.4AI score0.00673EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.4 views

PT-2024-17142 · Unknown · Rank Math Seo

Name of the Vulnerable Software and Affected Versions: Rank Math SEO versions 1.0.2 through 1.0.231 Description: A Code Injection vulnerability exists in Rank Math SEO, allowing improper control of code generation. This issue enables code injection, potentially leading to security breaches. The...

7.2CVSS9.8AI score0.00673EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/11/25 12:0 a.m.31 views

Rank Math SEO with AI SEO Tools Plugin < 1.0.229 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rankmath:seo"; ifdescription...

7.2CVSS6.9AI score0.02045EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/22 1:39 p.m.6 views

WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability

Arbitrary .htaccess Overwrite to Remote Code Execution RCE vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Rank Math SEO versions = 1.0.231...

7.2CVSS7.5AI score0.00673EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/22 12:0 a.m.17 views

WordPress Rank Math SEO Plugin <= 1.0.231 is vulnerable to Remote Code Execution (RCE)

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.231 Fixed in 1.0.232 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-11620 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID fa39a0816eed Credits Rafie Muhammad Patchstack...

7.6AI score0.00673EPSS
Exploits0References2Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2024/10/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2024-9161

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for...

6.5CVSS5.8AI score0.02045EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/07 12:37 a.m.7 views

WordPress Rank Math SEO plugin <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete vulnerability

Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete vulnerability discovered by Leo in WordPress Plugin Rank Math SEO versions = 1.0.228...

6.5CVSS7AI score0.02045EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:36 a.m.6 views

WordPress Rank Math SEO plugin <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection vulnerability

Authenticated Administrator+ PHP Object Injection vulnerability discovered by Leo in WordPress Plugin Rank Math SEO versions = 1.0.228...

7.2CVSS7.3AI score0.00811EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.25 views

WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to Broken Access Control

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9161 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ca30124e345e Credits Leo Required privilege...

6.5CVSS6.5AI score0.02045EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/10/07 12:0 a.m.16 views

WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to PHP Object Injection

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-9314 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID d4844a229841 Credits Leo Required privilege Administrator...

7.2CVSS6.9AI score0.00811EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/10/05 12:15 p.m.19 views

CVE-2024-9314

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00811EPSS
Exploits0References4
OSV
OSV
added 2024/10/05 12:15 p.m.6 views

CVE-2024-9314

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...

7.2CVSS6AI score0.00811EPSS
Exploits0References4
OSV
OSV
added 2024/10/05 12:15 p.m.3 views

CVE-2024-9161

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...

6.5CVSS5.9AI score
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/10/05 11:21 a.m.16 views

CVE-2024-9314 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...

7.2CVSS7.4AI score0.00811EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/05 11:21 a.m.20 views

CVE-2024-9314 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00811EPSS
Exploits0References4
CVE
CVE
added 2024/10/05 11:21 a.m.112 views

CVE-2024-9314

Rank Math SEO – AI Tools to Dominate SEO Rankings (WordPress) is affected by CVE-2024-9314: authenticated administrators can deserialise untrusted input via the set_redirections path, enabling PHP Object Injection in versions up to and including 1.0.228. The vulnerability description notes that n...

7.2CVSS7.3AI score0.00811EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/10/05 11:21 a.m.26 views

CVE-2024-9161 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...

6.5CVSS0.02045EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/10/05 11:21 a.m.17 views

CVE-2024-9161 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'updatemetadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated...

6.5CVSS6.9AI score0.02045EPSS
Exploits0References6
CVE
CVE
added 2024/10/05 11:21 a.m.119 views

CVE-2024-9161

The CVE-2024-9161 entry affects the WordPress plugin Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (versions up to 1.0.228). The root cause is a missing capability check in the function update_metadata , which allows unauthenticated users to insert, update, or delete metadata (including u...

6.5CVSS6.6AI score0.02045EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2024/10/05 12:0 a.m.3 views

WordPress plugin Rank Math SEO 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS6.1AI score0.02045EPSS
Exploits0References7
Rows per page
Query Builder