Seo@* Security Vulnerabilities and Issues — Seo@* CVE List

Lucene search

RankmathSeo*

10 matches found

CVE•added 2025/02/13 5:15 a.m.•97 views

CVE-2024-13227

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Rank Math API in all versions up to, and including, 1.0.235 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

6.4CVSS5.8AI score0.00039EPSS

CVE•added 2022/09/09 3:15 p.m.•90 views

CVE-2022-36376

Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin

9.8CVSS8.1AI score0.00634EPSS

CVE•added 2020/04/07 5:15 p.m.•71 views

CVE-2020-11514

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.

9.8CVSS9.7AI score0.04415EPSS

CVE•added 2020/04/07 5:15 p.m.•64 views

CVE-2020-11515

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the atta...

6.1CVSS7AI score0.00447EPSS

CVE•added 2025/02/13 5:15 a.m.•55 views

CVE-2024-13229

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the update_metadata() function in all versions up to, and including, 1.0.235. This makes it possible for authenticated attackers, with Contr...

4.3CVSS6.5AI score0.00054EPSS

CVE•added 2024/07/02 6:15 a.m.•47 views

CVE-2024-4627

The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin befo...

5.5CVSS5.4AI score0.00023EPSS

CVE•added 2023/08/06 12:15 a.m.•45 views

CVE-2023-32600

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin

6.5CVSS5.5AI score0.00077EPSS

CVE•added 2024/10/05 12:15 p.m.•45 views

CVE-2024-9161

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'update_metadata' function in all versions up to, and including, 1.0.228. This makes it possible for unauthenticated at...

6.5CVSS6.6AI score0.00512EPSS

CVE•added 2024/10/05 12:15 p.m.•43 views

CVE-2024-9314

The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'set_redirections' function. This makes it possible for authenticated attackers, with Administrat...

7.2CVSS7.3AI score0.04919EPSS

CVE•added 2019/08/15 4:15 p.m.•42 views

CVE-2019-14786

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.

6.5CVSS6.4AI score0.00205EPSS