240 matches found
CVE-2024-13229
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...
CVE-2024-13229
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...
CVE-2024-13227
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
CVE-2024-13227
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
CVE-2024-13229 Rank Math SEO <= 1.0.235 - Missing Authorization to Authenticated (Contributor+) Arbitrary Schema Deletion
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...
CVE-2024-13227 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
CVE-2024-13227 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
CVE-2024-13229 Rank Math SEO <= 1.0.235 - Missing Authorization to Authenticated (Contributor+) Arbitrary Schema Deletion
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...
CVE-2024-13229
CVE-2024-13229 concerns Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (WordPress) vulnerability: missing capability check in update_metadata() allows authenticated attackers with Contributor+ to delete schema metadata on posts. Affected versions include up to 1.0.235. Exploitation is desc...
CVE-2024-13227
The CVE-2024-13227 entry affects the WordPress plugin Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (vulnerable up to 1.0.235). The vulnerability is a Stored Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping on user-supplied attributes via the Rank Ma...
PT-2025-6536 · WordPress · Rank Math Seo
Name of the Vulnerable Software and Affected Versions: Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress versions up to, and including, 1.0.235 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Rank Math API due to insufficient input...
WordPress plugin Rank Math SEO 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Rank Math SEO 访问控制错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control error...
WordPress Rank Math SEO plugin <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Rank Math API vulnerability discovered by Webbernaut in WordPress Plugin Rank Math SEO versions = 1.0.235...
CVE-2024-9314
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...
CVE-2024-11620
Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...
CVE-2024-11620
Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...
CVE-2024-11620
CVE-2024-11620 corresponds to WordPress Rank Math SEO plugin versions <= 1.0.231, where an arbitrary .htaccess overwrite can lead to Remote Code Execution (RCE). Public sources (Patchstack, CVE records) describe Code Injection via improper code generation control in Rank Math SEO, with CVSSv3....
CVE-2024-11620 WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...
CVE-2024-11620 WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...