The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-07T16:50:15
Updated: 2024-08-04T11:35:13.105Z
Reserved: 2020-04-03T00:00:00
Link: CVE-2020-11514
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-07T17:15:13.573
Modified: 2024-11-21T04:58:03.040
Link: CVE-2020-11514
Redhat
No data.