Critical Flaw in SEO Plugin Exposed Many WordPress Sites to Attacks
Security News, April 2020
A critical vulnerability in the Rank Math SEO plugin for WordPress could allow attackers to lock administrators out of their own websites, WordPress security company Defiant reports.
The plugin, which gives site owners a set of search engine optimization tools meant to improve their rankings and attract more traffic, has over 200,000 installations.
To support metadata editing, the plugin registered a REST API endpoint, rankmath/v1/updateMeta, but did so without a permission callback, so WordPress performed no capability check before handing requests to the endpoint's handler.
The handler calls WordPress's update_metadata function to update or delete metadata for posts, comments, and terms, but it does not restrict the object type it accepts, so it can also update metadata for users. That is what makes the bug critical.
A WordPress user's role and capabilities are themselves stored as metadata in the usermeta table (under the wp_capabilities key on a default install), so an unauthenticated attacker could grant any registered user administrative privileges, or strip the existing administrators of theirs and lock them out of the site.
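The registration mistake and its fix, as an added example that is neither Rank Math's code nor Defiant's proof of concept: a hypothetical plugin (namespace example/v1, route paths and function names all invented) that registers a metadata-update endpoint without a permission_callback, followed by the same endpoint hardened. It assumes a standard WordPress install, where register_rest_route, update_metadata, delete_metadata, current_user_can and is_protected_meta are the core functions they are documented to be. The exposed route is kept only for contrast; a real plugin would ship the hardened one alone.

```php
<?php
// Added illustration, not Rank Math's code. Namespace 'example/v1', both
// route paths and every example_* function are hypothetical names.

// --- Exposed pattern -------------------------------------------------------
// No 'permission_callback' is registered, so WordPress dispatches the request
// to the handler for any caller, logged in or not. (WordPress 5.5 and later
// emit a _doing_it_wrong notice for a missing permission_callback, but the
// route still answers requests.)
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/updateMeta', array(
        'methods'  => 'POST',
        'callback' => 'example_update_meta_exposed',
    ) );
} );

function example_update_meta_exposed( WP_REST_Request $request ) {
    // The object type comes straight from the request, and update_metadata()
    // accepts 'user' as readily as 'post'. A POST with objectType=user,
    // objectID=<target>, meta[wp_capabilities][administrator]=1 stores a
    // serialized array in usermeta and makes that user an administrator; an
    // empty value for the same key deletes it and locks an admin out.
    $type = (string) $request->get_param( 'objectType' );
    $id   = (int) $request->get_param( 'objectID' );
    $meta = (array) $request->get_param( 'meta' );

    foreach ( $meta as $key => $value ) {
        if ( '' === $value ) {
            delete_metadata( $type, $id, $key );
        } else {
            update_metadata( $type, $id, $key, $value );
        }
    }
    return rest_ensure_response( array( 'updated' => count( $meta ) ) );
}

// --- Hardened pattern ------------------------------------------------------
// Three changes: a permission_callback that maps the request onto the meta
// capability WordPress itself checks for that object, an 'enum' so that any
// object type the feature does not need (including 'user') is rejected before
// the handler runs, and a refusal to touch protected (underscore-prefixed)
// meta keys.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/updateMetaHardened', array(
        'methods'             => 'POST',
        'callback'            => 'example_update_meta_hardened',
        'permission_callback' => 'example_update_meta_permission',
        'args'                => array(
            'objectType' => array(
                'required' => true,
                'type'     => 'string',
                'enum'     => array( 'post', 'term', 'comment' ),
            ),
            'objectID'   => array( 'required' => true, 'type' => 'integer' ),
            'meta'       => array( 'required' => true, 'type' => 'object' ),
        ),
    ) );
} );

function example_update_meta_permission( WP_REST_Request $request ) {
    $type = (string) $request->get_param( 'objectType' );
    $id   = (int) $request->get_param( 'objectID' );

    // Deny by default; only the three supported types map to a capability,
    // and each check is scoped to the specific object being edited.
    switch ( $type ) {
        case 'post':
            return current_user_can( 'edit_post', $id );
        case 'term':
            return current_user_can( 'edit_term', $id );
        case 'comment':
            return current_user_can( 'edit_comment', $id );
        default:
            return false;
    }
}

function example_update_meta_hardened( WP_REST_Request $request ) {
    $type    = (string) $request->get_param( 'objectType' );
    $id      = (int) $request->get_param( 'objectID' );
    $meta    = (array) $request->get_param( 'meta' );
    $updated = 0;
    $skipped = array();

    foreach ( $meta as $key => $value ) {
        // Protected keys are internal to WordPress and plugins; a generic
        // metadata editor has no business writing them.
        if ( '' === $key || is_protected_meta( $key, $type ) ) {
            $skipped[] = $key;
            continue;
        }
        if ( '' === $value ) {
            delete_metadata( $type, $id, $key );
        } else {
            // update_metadata() unslashes its input; REST params arrive
            // already unslashed, so re-slash to store the value verbatim.
            update_metadata( $type, $id, $key, wp_slash( $value ) );
        }
        $updated++;
    }
    return rest_ensure_response( array( 'updated' => $updated, 'skipped' => $skipped ) );
}
```

The important structural point is that the capability check lives in permission_callback, where WordPress evaluates it before the handler runs, rather than inside the handler, where a later refactor can silently drop it. Restricting the object type with an enum at registration time means the usermeta table is unreachable through this route even if the handler's own checks are weakened.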