19 matches found
EUVD-2026-10126
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
CVE-2026-1085
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
CVE-2026-1085
CVE-2026-1085 — WordPress True Ranker plugin (versions
CVE-2026-1085 True Ranker <= 2.2.9 - Cross-Site Request Forgery to Unauthorized True Ranker Disconnection
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
CVE-2026-1085
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
WordPress True Ranker plugin <= 2.2.9 - Cross-Site Request Forgery to Unauthorized True Ranker Disconnection vulnerability
Cross-Site Request Forgery to Unauthorized True Ranker Disconnection vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin True Ranker versions = 2.2.9...
PT-2026-23836
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
WordPress plugin True Ranker 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
VulnCheck KEV: CVE-2021-39312
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
WordPress The True Ranker 2.2.2 Plugin - Arbitrary File Read (Unauthenticated) Exploit
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Version: versions = 2.2...
WordPress The True Ranker 2.2.2 Arbitrary File Read
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Date: 23/12/2021 Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Versio...
WordPress Plugin Path Traversal Vulnerability (CNVD-2021-101672)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. True Ranker plugin is a WordPress open source application plugin. WordPress True Ranker plugin has a path traversal...
CVE-2021-39312
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
CVE-2021-39312 True Ranker <= 2.2.2 Directory Traversal/Arbitrary File Read
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
CVE-2021-39312 True Ranker <= 2.2.2 Directory Traversal/Arbitrary File Read
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
CVE-2021-39312
Summary: CVE-2021-39312 affects the WordPress True Ranker plugin prior to 2.2.4. The vulnerability is an improper filtering flaw in the local file inclusion path in ~/admin/vendor/datatables/examples/resources/examples.php, allowing an attacker to read arbitrary files (e.g., wp-config.php) via th...
WordPress 插件路径遍历漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. True Ranker plugin is a WordPress open source application plugin. WordPress True Ranker plugin has a path traversal...
True Ranker < 2.2.4 - Unauthenticated Arbitrary File Access via Path Traversal
The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file. PoC Exploit Authors: Nicole Sheinin, Liad Levy Tested on: MacOS !/usr/bin/env python3...
WordPress True Ranker plugin <= 2.2.2 - Directory Traversal/Arbitrary File Read vulnerability
Directory Traversal/Arbitrary File Read vulnerability discovered by p7e4 in WordPress True Ranker plugin versions = 2.2.2. Solution Update the WordPress True Ranker plugin to the latest available version at least 2.2.4...