Lucene search
K

240 matches found

NVD
NVD
added 2025/02/13 5:15 a.m.34 views

CVE-2024-13229

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...

4.3CVSS0.00417EPSS
Exploits0References5
OSV
OSV
added 2025/02/13 5:15 a.m.4 views

CVE-2024-13229

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...

4.3CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2025/02/13 5:15 a.m.3 views

CVE-2024-13227

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

5.4CVSS6AI score
Exploits0References5
NVD
NVD
added 2025/02/13 5:15 a.m.19 views

CVE-2024-13227

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.0043EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/13 4:21 a.m.25 views

CVE-2024-13229 Rank Math SEO <= 1.0.235 - Missing Authorization to Authenticated (Contributor+) Arbitrary Schema Deletion

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...

4.3CVSS0.00417EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/13 4:21 a.m.15 views

CVE-2024-13227 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.0043EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/13 4:21 a.m.14 views

CVE-2024-13227 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS5.8AI score0.0043EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/13 4:21 a.m.11 views

CVE-2024-13229 Rank Math SEO <= 1.0.235 - Missing Authorization to Authenticated (Contributor+) Arbitrary Schema Deletion

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the updatemetadata function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with...

4.3CVSS6.7AI score0.00417EPSS
Exploits0References5
CVE
CVE
added 2025/02/13 4:21 a.m.119 views

CVE-2024-13229

CVE-2024-13229 concerns Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (WordPress) vulnerability: missing capability check in update_metadata() allows authenticated attackers with Contributor+ to delete schema metadata on posts. Affected versions include up to 1.0.235. Exploitation is desc...

4.3CVSS6.5AI score0.00417EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2025/02/13 4:21 a.m.163 views

CVE-2024-13227

The CVE-2024-13227 entry affects the WordPress plugin Rank Math SEO – AI SEO Tools to Dominate SEO Rankings (vulnerable up to 1.0.235). The vulnerability is a Stored Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping on user-supplied attributes via the Rank Ma...

6.4CVSS5.8AI score0.0043EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/13 12:0 a.m.7 views

PT-2025-6536 · WordPress · Rank Math Seo

Name of the Vulnerable Software and Affected Versions: Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress versions up to, and including, 1.0.235 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Rank Math API due to insufficient input...

6.4CVSS8AI score0.0043EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.5 views

WordPress plugin Rank Math SEO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS7.5AI score0.0043EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/13 12:0 a.m.6 views

WordPress plugin Rank Math SEO 访问控制错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control error...

4.3CVSS8.1AI score0.00417EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/02/12 9:16 p.m.5 views

WordPress Rank Math SEO plugin <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Rank Math API vulnerability discovered by Webbernaut in WordPress Plugin Rank Math SEO versions = 1.0.235...

6.4CVSS5.8AI score0.0043EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 4:34 a.m.8 views

CVE-2024-9314

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'setredirections' function. This makes it possible for authenticated attackers, with...

7.2CVSS7.1AI score0.00811EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:33 a.m.6 views

CVE-2024-11620

Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...

7.2AI score0.00673EPSS
Exploits0References1
NVD
NVD
added 2024/11/28 11:15 a.m.21 views

CVE-2024-11620

Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...

7.2CVSS0.00673EPSS
Exploits0References1
CVE
CVE
added 2024/11/28 10:34 a.m.69 views

CVE-2024-11620

CVE-2024-11620 corresponds to WordPress Rank Math SEO plugin versions &lt;= 1.0.231, where an arbitrary .htaccess overwrite can lead to Remote Code Execution (RCE). Public sources (Patchstack, CVE records) describe Code Injection via improper code generation control in Rank Math SEO, with CVSSv3....

7.2CVSS7.2AI score0.00673EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/28 10:34 a.m.23 views

CVE-2024-11620 WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...

7.2CVSS0.00673EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/28 10:34 a.m.13 views

CVE-2024-11620 WordPress Rank Math SEO plugin <= 1.0.231 - Arbitrary .htaccess Overwrite to Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through = 1.0.231...

7.2CVSS7.2AI score0.00673EPSS
Exploits0References1
Rows per page
Query Builder