Vulnerabilities > Rankmath

DATE CVE VULNERABILITY TITLE RISK

2024-07-02 CVE-2024-4627 Cross-site Scripting vulnerability in Rankmath SEO
The Rank Math SEO WordPress plugin before 1.0.219 does not sanitise and escape some of its settings, which could allow users with access to the General Settings (by default admin, however such access can be given to lower roles via the Role Manager feature of the Rank Math SEO WordPress plugin before 1.0.219) to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Risk: network, low complexity, 5.4 | rankmath CWE-79

2023-08-06 CVE-2023-32600 Cross-site Scripting vulnerability in Rankmath SEO
Auth.
Risk: network, low complexity, 5.4 | rankmath CWE-79

2023-05-28 CVE-2023-32800 Cross-site Scripting vulnerability in Rankmath SEO PRO
Unauth.
Risk: network, low complexity, 6.1 | rankmath CWE-79

2022-09-09 CVE-2022-36376 Server-Side Request Forgery (SSRF) vulnerability in Rankmath SEO
Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.
Risk: network, low complexity, critical, 9.8 | rankmath CWE-918

2020-04-07 CVE-2020-11515 Open Redirect vulnerability in Rankmath SEO
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint.
Risk: network, low complexity, 6.1 | rankmath CWE-601

2020-04-07 CVE-2020-11514 Missing Authorization vulnerability in Rankmath SEO
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.
Risk: network, low complexity, critical, 9.8 | rankmath CWE-862

2019-08-15 CVE-2019-14786 Missing Authorization vulnerability in Rankmath SEO
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
Risk: network, low complexity, 6.5 | rankmath CWE-862