📦

seo

Vendor: rankmath

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 19 Total Indexed

Avg. EPSS 6.74% Exploit Prob.

Latest CVE CVE-2024-13229 Feb 13

Security Vulnerability Index

Page 2 / 2

6.8 CVSS

CVE-2022-36376

Server-Side Request Forgery (SSRF) vulnerability in Rank Math SEO plugin <= 1.0.95 at WordPress.

EPSS: 0.65%

Severity: MEDIUM

Sep 09, 2022

6.1 CVSS

CVE-2020-11515

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the attacker to create a new URI with an arbitrary name (e.g., the /exampleredirect URI).

EPSS: 0.63%

Severity: MEDIUM

Apr 07, 2020

9.8 CVSS

CVE-2020-11514

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.

EPSS: 65.54%

Severity: CRITICAL

Apr 07, 2020

6.5 CVSS

CVE-2019-14786

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.

EPSS: 0.19%

Severity: MEDIUM

Aug 15, 2019

Displaying 4 of 19 Total Entries

1 2

Total 2 Sections