7 matches found
CVE-2026-1085
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
CVE-2026-1085
CVE-2026-1085 — WordPress True Ranker plugin (versions
WordPress plugin True Ranker 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-23836
The True Ranker plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.9. This is due to missing nonce validation on the seolocalrank-signout action. This makes it possible for unauthenticated attackers to disconnect the administrator's True...
VulnCheck KEV: CVE-2021-39312
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
WordPress The True Ranker 2.2.2 Plugin - Arbitrary File Read (Unauthenticated) Exploit
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Version: versions = 2.2...
WordPress 插件路径遍历漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. True Ranker plugin is a WordPress open source application plugin. WordPress True Ranker plugin has a path traversal...