Unrated severityNVD Advisory· Published Apr 7, 2020· Updated Aug 4, 2024
CVE-2020-11515
CVE-2020-11515
Description
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the attacker to create a new URI with an arbitrary name (e.g., the /exampleredirect URI).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Rank Math plugindescription
- Range: <=1.0.40.2
Patches
Vulnerability mechanics
References
3- rankmath.com/changelog/mitrex_refsource_MISC
- wordpress.org/plugins/seo-by-rank-math/mitrex_refsource_MISC
- www.wordfence.com/blog/2020/03/critical-vulnerabilities-affecting-over-200000-sites-patched-in-rank-math-seo-plugin/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.