Vulnerabilities > Rankmath

DATE CVE VULNERABILITY TITLE RISK
2023-08-06 CVE-2023-32600 Cross-site Scripting vulnerability in Rankmath SEO
Auth.
network
low complexity
rankmath CWE-79
5.4
2023-05-28 CVE-2023-32800 Cross-site Scripting vulnerability in Rankmath SEO PRO
Unauth.
network
low complexity
rankmath CWE-79
6.1
2022-09-09 CVE-2022-36376 Server-Side Request Forgery (SSRF) vulnerability in Rankmath SEO
Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.
network
low complexity
rankmath CWE-918
critical
9.8
2020-04-07 CVE-2020-11515 Open Redirect vulnerability in Rankmath SEO
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint.
network
low complexity
rankmath CWE-601
6.1
2020-04-07 CVE-2020-11514 Missing Authorization vulnerability in Rankmath SEO
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.
network
low complexity
rankmath CWE-862
critical
9.8
2019-08-15 CVE-2019-14786 Missing Authorization vulnerability in Rankmath SEO
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
network
low complexity
rankmath CWE-862
6.5