Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

rankmath — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting rankmath. AI-powered Chinese analysis, POCs, and references for each vulnerability.

RankMath is a WordPress SEO plugin that helps optimize content for search engines. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin's extensive functionality and integration with various WordPress features have created multiple attack surfaces. While no major public security incidents have been widely reported, the 8 documented CVEs highlight ongoing security concerns. Regular updates and proper permission configurations are recommended to mitigate risks. The plugin's popularity makes it a target for attackers seeking to exploit vulnerabilities for website compromise or malicious activities.

Top products by rankmath: Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
CVE IDTitleCVSSSeverityPublished
CVE-2024-13229 Rank Math SEO <= 1.0.235 - Missing Authorization to Authenticated (Contributor+) Arbitrary Schema Deletion — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-284 4.3 Medium2025-02-13
CVE-2024-13227 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-79 6.4 Medium2025-02-13
CVE-2024-9314 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Authenticated (Administrator+) PHP Object Injection — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-502 7.2 High2024-10-05
CVE-2024-9161 Rank Math SEO – AI SEO Tools to Dominate SEO Rankings <= 1.0.228 - Missing Authorization to Unauthenticated User and Term Metadata Insert, Update, and Delete — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-862 6.5 Medium2024-10-05
CVE-2024-4617 Rank Math SEO with AI Best SEO Tools <= 1.0.218 - Authenticated (Contributor+) Stored Cross-Site Scripting — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-79 6.4 Medium2024-05-16
CVE-2024-4335 Rank Math SEO with AI Best SEO Tools <= 1.0.217 - Authenticated (Contributor+) Stored Cross-Site Scripting — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-79 6.4 Medium2024-05-09
CVE-2024-3665 Rank Math SEO with AI SEO Tools <= 1.0.216 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titleWrapper' — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-79 6.4 Medium2024-04-23
CVE-2024-2536 Rank Math SEO with AI SEO Tools <= 1.0.214 - Authenticated(Contributor+) Stored Cross-Site Scripting via HowTo block attributes — Rank Math SEO – AI SEO Tools to Dominate SEO RankingsCWE-20 6.4 Medium2024-04-09

This page lists every published CVE security advisory associated with rankmath. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.