CVE-2020-11515
published 2020-04-07


Priority: P1 · 79 · medium · 6.1 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
Tags: ITW · EXPLOIT · VulnCheck KEV (exploited in the wild)
EPSS: 2.07% (79.1th percentile)
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the attacker to create a new URI with an arbitrary name (e.g., the /exampleredirect URI).

Affected (1 range)

Vendor     Product   Version range   Fixed in
rankmath   seo       <= 1.0.40.2

Detection & IOCs (extracted from sources)

url: /wp-json/rankmath/v1/updateRedirection
path: /wp-content/plugins/seo-by-rank-math/
  • Detect unauthenticated POST requests to the WordPress REST API endpoint /wp-json/rankmath/v1/updateRedirection with a JSON body containing 'redirectionUrl', 'redirectionSources', and 'hasRedirect' fields — no authentication required for exploitation.
  • Presence of the plugin directory /wp-content/plugins/seo-by-rank-math/ on a WordPress site indicates potential exposure; use PublicWWW or web crawling to identify affected installations.
  • The vulnerable REST API endpoint rankmath/v1/updateRedirection is unprotected (no authentication required) only in Rank Math SEO plugin versions up to and including 1.0.40.2; versions 1.0.41 and later are patched.
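The first and third detection points above, as an added example that is not part of this record or of the Rank Math project: a small Python scanner that flags POST requests to the updateRedirection endpoint in web-server access logs and classifies an installed plugin version against the <= 1.0.40.2 range. It assumes the combined log format and that the site may expose the REST API either as /wp-json/... or via the ?rest_route= fallback; the log lines are constructed samples.

```python
import re
from urllib.parse import parse_qs, urlsplit
# Endpoint named in the advisory; matched in both WordPress REST URL forms
# (pretty permalink /wp-json/... and the ?rest_route= fallback), an assumption
# about how a given site exposes the REST API.
REST_ROUTE = "/rankmath/v1/updateRedirection"
LAST_VULNERABLE = "1.0.40.2"  # last affected Rank Math version per the advisory

# Combined log format is assumed. The request body is not logged here, so the
# redirectionUrl/redirectionSources/hasRedirect fields need body logging or a WAF.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def version_tuple(v):
    return tuple(int(p) for p in v.split("."))

def is_vulnerable_version(installed):
    # True for any version <= 1.0.40.2 (e.g. "1.0.40" or "1.0.40.2"); 1.0.41+ is patched
    return version_tuple(installed) <= version_tuple(LAST_VULNERABLE)

def targets_update_redirection(target):
    parts = urlsplit(target)
    if parts.path.rstrip("/").endswith("/wp-json" + REST_ROUTE):
        return True
    routes = parse_qs(parts.query).get("rest_route", [])
    return any(r.rstrip("/") == REST_ROUTE for r in routes)

def find_update_redirection_posts(lines):
    # One record per POST to the endpoint; a 2xx status means the write was accepted.
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m.group("method") == "POST" and targets_update_redirection(m.group("target")):
            hits.append({"ip": m.group("ip"), "time": m.group("ts"),
                         "status": m.group("status"),
                         "accepted": m.group("status").startswith("2")})
    return hits

# Constructed sample access-log lines, not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [08/Apr/2020:10:01:02 +0000] "POST /wp-json/rankmath/v1/updateRedirection HTTP/1.1" 200 45 "-" "curl/7.68.0"',
    '203.0.113.5 - - [08/Apr/2020:10:01:03 +0000] "GET /exampleredirect HTTP/1.1" 302 0 "-" "curl/7.68.0"',
    '198.51.100.7 - - [08/Apr/2020:10:05:00 +0000] "POST /index.php?rest_route=/rankmath/v1/updateRedirection HTTP/1.1" 401 80 "-" "python-requests/2.23"',
]

if __name__ == "__main__":
    for hit in find_update_redirection_posts(SAMPLE_LOG):
        print(hit)
```

A hit with a 2xx status on a site running a version that is_vulnerable_version() reports as affected is the case to triage first, and the plugin's redirection list should be checked for rules nobody created.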

CVSS provenance

Source      Version   Score   Severity   Vector
nvd         v3.1      6.1     MEDIUM     CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd         v2.0      5.8     MEDIUM     AV:N/AC:M/Au:N/C:P/I:P/A:N
vulncheck             6.1     MEDIUM