Critical Vulnerability found in WordPress Rank Math SEO Plugin

April 2, 2020

The Rank Math SEO plugin was found to have a critical vulnerability that could allow an attacker to gain admin access. The issue was fixed one day after Rank Math was notified.

Privilege Escalation Vulnerability

Privilege escalation, in the context of a WordPress site, refers to a situation such as a coding bug that opens the door for an attacker to gain higher access, up to admin-level privileges.

In the Rank Math vulnerability that was found, any registered user could exploit this flaw and gain admin privileges.

Once an attacker has gained admin access they can do many things, including deleting an admin and creating another one.

According to the WordPress Vulnerability Database:

“This plugin registered a REST-API endpoint, rankmath/v1/updateMeta, which failed to include a permission_callback used for capability checking.”

The permission_callback verifies that the user performing the action is actually authorized to perform it.

This is how the official WordPress developer documentation describes the importance of the permission_callback:

“This is a function that checks if the user can perform the action (reading, updating, etc) before the real callback is called. This allows the API to tell the client what actions they can perform on a given URL without needing to attempt the request first.”

In other words, the permission_callback that checks whether the client has the right authorization should have been there, but it was absent.

Wordfence describes the absence of a permission_callback as a failure:

“In order to add this feature, the plugin registered a REST-API endpoint, rankmath/v1/updateMeta, which failed to include a permission_callback used for capability checking.

…The WordPress SEO Plugin – Rank Math plugin includes a number of optional modules, including a module that can be used to create redirects on a site.

In order to add this feature, the plugin registered a REST-API endpoint… which again failed to include a permission_callback for capability checking.”

The WordPress Vulnerability Database stated that the failure to include a permission_callback could allow an attacker to delete an admin or grant admin privileges to a registered user.
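To make the missing check concrete, here is an added example (not Rank Math's code, and not from the Wordfence report) of a hypothetical plugin that registers a meta-update REST route first without a permission_callback, then with one. The namespace `example-plugin/v1`, the parameter names `objectID` and `meta`, and the meta key names are assumptions for illustration.

```php
<?php
// Added example, not Rank Math's code: a hypothetical plugin that exposes a
// REST route for writing post meta. Route name, parameter names (objectID, meta)
// and meta keys are assumptions for illustration.

// WEAK: no 'permission_callback', so WordPress runs the callback without any
// capability check. This is the class of defect the post describes.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/update-meta-weak', array(
        'methods'  => 'POST',
        'callback' => 'example_plugin_update_meta',
    ) );
} );

// HARDENED: the permission_callback runs before the real callback and ties the
// decision to the specific post the caller wants to change.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example-plugin/v1', '/update-meta', array(
        'methods'             => 'POST',
        'callback'            => 'example_plugin_update_meta',
        'permission_callback' => function ( WP_REST_Request $request ) {
            $post_id = absint( $request->get_param( 'objectID' ) );
            if ( ! $post_id || ! get_post( $post_id ) ) {
                return new WP_Error( 'rest_post_invalid_id', 'Invalid post ID.', array( 'status' => 404 ) );
            }
            return current_user_can( 'edit_post', $post_id );
        },
        'args' => array(
            'objectID' => array( 'required' => true, 'type' => 'integer' ),
            'meta'     => array( 'required' => true, 'type' => 'object' ),
        ),
    ) );
} );

function example_plugin_update_meta( WP_REST_Request $request ) {
    $post_id = absint( $request->get_param( 'objectID' ) );
    $meta    = (array) $request->get_param( 'meta' );
    // Allowlist the keys this route may write. Letting the client choose arbitrary
    // keys is what turns a meta-update endpoint into a privilege-escalation primitive.
    $allowed = array( 'example_seo_title', 'example_seo_description' );
    foreach ( $meta as $key => $value ) {
        if ( ! in_array( $key, $allowed, true ) ) {
            return new WP_Error( 'rest_forbidden_meta', "Meta key '$key' not allowed.", array( 'status' => 403 ) );
        }
        update_post_meta( $post_id, $key, sanitize_text_field( $value ) );
    }
    return rest_ensure_response( array( 'updated' => array_keys( $meta ) ) );
}
```

The capability check and the key allowlist are independent defences: the first decides who may call the route, the second limits what the route can change even for an authorized caller.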

Which Versions of Rank Math are Vulnerable?

At present, any version of Rank Math lower than 10.0.41 is vulnerable to attack.

It is strongly recommended that users update their Rank Math SEO plugin to the most recent version.

Rank Math Responded Quickly

Rank Math was notified of the vulnerability on March 25, 2020. An update fixing the vulnerability was released the next day, March 26, 2020.

Rank Math fixed the issue in a timely and reliable way.

Did Rank Math Notify Users About the Problem?

Yes, Rank Math acted transparently. Their changelog contains a note that they fixed a security issue. It is great that the Rank Math team did that; it shows they are responsible developers.

This is how the official Rank Math changelog describes the fix:

“FIXED: A couple of REST API security issues reported by Wordfence team”

Rank Math Handled Problem Responsibly

The Rank Math team was honest about the issue and responded rapidly to fix it.

Some developers try to conceal what was fixed and use vague phrases about fixing something without actually saying it was a security issue.

So I want to compliment Rank Math for being transparent. Their quick response and openness about what they are fixing inspires trust in their plugin.

See the official Wordfence description of the critical vulnerability.

We at CodeLedge offer WordPress development services in Sweden. Feel free to discuss your queries with us. Email us at hi@codeledge.com or get a quote from here.
