Bugs discovered in WordPress plugin, letting hackers gain administrator privileges

A critical vulnerability has been discovered in WordPress Rank Math SEO plugin. With over 200,000 installations, Rank Math helps website owners to attract more traffic to their sites through search engine optimization (SEO).

Rank Math is easy to setup, the setup wizard features support Google Schema Markup (aka Rich Snippets), keyword optimization, Google Search Console integration, Google keyword rank tracking, and more.

Privilege escalation vulnerability, this critical flaw resides in an unprotected REST-API endpoint. It can allow attackers to update arbitrary metadata and revoke or grant administrator privileges to any registered users.

A Second flaw in REST-API endpoint that allows unauthenticated attackers to create redirects from almost any location on the site to any destination. As per Defiant’s QA Ram Gall in a blog post “This attack could be used to prevent access to all of a site’s existing content, except for the homepage, by redirecting visitors to a malicious site,” Many sites have a single administrator with a user ID of 1, which allows an attacker to lock an administrator out of their own site. 

The bug resides in one of the modules of Rank Math and impacts versions prior to These versions have been fully patched. any version of Rank Math lower than 1.0.41 is vulnerable to attack It is highly recommended that users update their Rank Math SEO plugin to  the latest version that contains fixes for both issues.