CVE-2020-11514 – Rank Math SEO <= 1.0.40.2 - Privilege Escalation via Unprotected REST API Endpoint
https://notcve.org/view.php?id=CVE-2020-11514
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users, via the unsecured rankmath/v1/updateMeta REST API endpoint.
References: https://rankmath.com/changelog • https://wordpress.org/plugins/seo-by-rank-math/#developers • https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin
Weakness: CWE-862: Missing Authorization
CVE-2020-11515 – Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint
https://notcve.org/view.php?id=CVE-2020-11515
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the attacker to create a new URI with an arbitrary name (e.g., the /exampleredirect URI).
References: https://rankmath.com/changelog • https://wordpress.org/plugins/seo-by-rank-math/#developers • https://www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin
Weaknesses: CWE-288: Authentication Bypass Using an Alternate Path or Channel • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2019-14786 – Rank Math SEO <= 1.0.27 - Authenticated Settings Reset via reset-cmb Parameter
https://notcve.org/view.php?id=CVE-2019-14786
The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via the wp-admin/admin-post.php reset-cmb parameter.
References: https://rankmath.com/changelog • https://wpvulndb.com/vulnerabilities/9375 • https://www.pluginvulnerabilities.com/2019/06/20/authenticated-settings-reset-vulnerability-in-rank-math-seo
Weaknesses: CWE-285: Improper Authorization • CWE-862: Missing Authorization