cleantalk
Vulnerabilities and Security Researches

Rank Math SEO with AI SEO Tools, CVE-2024-9314

CVE, Research URL

CVE-2024-9314

Home page URL

Security reports for Rank Math SEO with AI SEO Tools

Application

Rank Math SEO with AI SEO Tools

Published on
Oct 05, 2024
Research Description
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted input 'set_redirections' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Affected versions
Min -, max 1.0.229.
Status
vulnerable
Previous vulnerability researches
Rank Math SEO with AI SEO Tools (CVE-2023-23888) , Jun 07, 2024
Rank Math SEO with AI SEO Tools (CVE-2020-11514) , Jun 07, 2024
Rank Math SEO with AI SEO Tools (CVE-2020-11515) , Jun 07, 2024
Rank Math SEO with AI SEO Tools (CVE-2019-14786) , Jun 07, 2024
Rank Math SEO with AI SEO Tools (CVE-2024-3665) , Jun 07, 2024
New vulnerability
Lottie Player block – Implement Lottie animations. (CVE-2025-2579) , Apr 26, 2025
360 Product Rotation (CVE-2024-13823) , Apr 26, 2025
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-39400) , Apr 26, 2025
License For Envato (CVE-2025-39399) , Apr 25, 2025
occupancyplan (CVE-2025-46450) , Apr 25, 2025