3 matches found
CVE-2024-4627 Rank Math SEO < 1.0.219 - Authenticated Stored XSS
The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin...
CVE-2024-4627
CVE-2024-4627 affects Rank Math SEO for WordPress prior to 1.0.219. It is an authenticated Stored XSS due to insufficient sanitisation/escaping of settings, exploitable by users with access to General Settings (admin by default, but grantable via Role Manager in
WordPress Rank Math SEO Plugin < 1.0.219 is vulnerable to Cross Site Scripting (XSS)
Software Rank Math SEO Type Plugin Vulnerable versions 1.0.219 Fixed in 1.0.219 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4627 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ad021b2fbe4b Credits Dmitrii Ignatyev Require...