CVE-2024-2536
- EPSS 0.18%
- Veröffentlicht 09.04.2024 19:15:35
- Zuletzt bearbeitet 10.10.2025 17:49:36
The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HowTo block attributes in all versions up to, and including, 1.0.214 due to insufficient input sanitization and output escaping on user supp...
CVE-2023-32600
- EPSS 0.08%
- Veröffentlicht 06.08.2023 00:15:09
- Zuletzt bearbeitet 21.11.2024 08:03:40
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions.
CVE-2022-36376
- EPSS 0.65%
- Veröffentlicht 09.09.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:12:53
Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.
CVE-2020-11514
- EPSS 65.54%
- Veröffentlicht 07.04.2020 17:15:13
- Zuletzt bearbeitet 21.11.2024 04:58:03
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1...
CVE-2020-11515
- EPSS 0.63%
- Veröffentlicht 07.04.2020 17:15:13
- Zuletzt bearbeitet 21.11.2024 04:58:03
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "...
CVE-2019-14786
- EPSS 0.2%
- Veröffentlicht 15.08.2019 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:27:20
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.