The Rank Math plugin up to and including 1.0.40.2 for WordPress allows unauthenticated remote malicious users to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rankmath seo |