Rank Math SEO with AI Best SEO Tools

Wordfence Intelligence   >   Vulnerability Database   >   WordPress Plugins   >   Rank Math SEO with AI Best SEO Tools

Information

Software Type Plugin
Software Slug seo-by-rank-math (view on wordpress.org)
Software Status Active
Software Author rankmath
Software Website rankmath.com
Software Downloads 93,040,737
Software Active Installs 2,000,000
Software Record Last Updated April 27, 2024

10 Vulnerabilities

Rank Math SEO with AI SEO Tools <= 1.0.216 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleWrapper'
6.4
CVE-2024-3665
Apr 22, 2024
Researcher: wesley (wcraft)
Rank Math SEO with AI SEO Tools <= 1.0.214 - Authenticated(Contributor+) Stored Cross-Site Scripting via HowTo block attributes
6.4
CVE-2024-2536
Mar 21, 2024
Researcher: Ngô Thiên An (ancorn_)
Rank Math SEO <= 1.0.119 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2023-32600
Jul 17, 2023
Researcher: Rafie Muhammad
RankMath SEO <= 1.0.107.2 - Authenticated (Contributor+) Local File Inclusion
6.5
CVE-2023-23888
Jan 30, 2023
Researcher: Rafie Muhammad
Rank Math SEO <= 1.0.95 - Server-Side Request Forgery
5.4
CVE-2022-36376
Aug 12, 2022
Researcher: Rafie Muhammad
Rank Math SEO <= 1.0.42.1 - Missing Authorization
5.4
CVE ID Unknown
Apr 18, 2020
Researchers:
Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint
7.4
CVE-2020-11515
Mar 25, 2020
Researcher: Ram
Rank Math SEO <= 1.0.40.2 - Privilege Escalation via Unprotected REST API Endpoint
9.8
CVE-2020-11514
Mar 25, 2020
Researcher: Ram
Rank Math SEO <= 1.0.27 - Authenticated Settings Reset via reset-cmb Parameter
6.5
CVE-2019-14786
Jun 21, 2019
Researchers:
Rank Math SEO <= 1.0.26 - Cross-Site Scripting
7.2
CVE ID Unknown
Jun 18, 2019
Researchers:
Title CVE ID CVSS Researchers Date
Rank Math SEO with AI SEO Tools <= 1.0.216 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleWrapper' CVE-2024-3665 6.4 wesley (wcraft) April 22, 2024
Rank Math SEO with AI SEO Tools <= 1.0.214 - Authenticated(Contributor+) Stored Cross-Site Scripting via HowTo block attributes CVE-2024-2536 6.4 Ngô Thiên An (ancorn_) March 21, 2024
Rank Math SEO <= 1.0.119 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-32600 6.4 Rafie Muhammad July 17, 2023
RankMath SEO <= 1.0.107.2 - Authenticated (Contributor+) Local File Inclusion CVE-2023-23888 6.5 Rafie Muhammad January 30, 2023
Rank Math SEO <= 1.0.95 - Server-Side Request Forgery CVE-2022-36376 5.4 Rafie Muhammad August 12, 2022
Rank Math SEO <= 1.0.42.1 - Missing Authorization 5.4 April 18, 2020
Rank Math SEO <= 1.0.40.2 - Redirect Creation via Unprotected REST API Endpoint CVE-2020-11515 7.4 Ram March 25, 2020
Rank Math SEO <= 1.0.40.2 - Privilege Escalation via Unprotected REST API Endpoint CVE-2020-11514 9.8 Ram March 25, 2020
Rank Math SEO <= 1.0.27 - Authenticated Settings Reset via reset-cmb Parameter CVE-2019-14786 6.5 June 21, 2019
Rank Math SEO <= 1.0.26 - Cross-Site Scripting 7.2 June 18, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation