The Rank Math SEO plugin, which has more than 2 million users, recently patched a stored cross-site scripting vulnerability that allowed attackers to store malicious scripts on a site and use them to launch attacks against its visitors.
Rank Math SEO plugin
Rank Math is a popular SEO plugin installed on over 2 million websites. It comes with an extensive feature set, including keyword tracking, Schema.org structured data integration, Google Search Console and Analytics integration, and a redirect manager, which removes the need for separate plugins for technical or on-page SEO.
A feature users appreciate is that the plugin is modular: users can enable the features they want and turn off the ones they don't, which makes their website faster.
Many people use Rank Math as an alternative to Yoast. Comparing the two, Rank Math is smaller (61.1k lines of code vs. 97.1k for Yoast) and uses fewer server resources (memory usage of +0.35 MB vs. +1.62 MB for Yoast). I understand this.
Authenticated stored cross-site scripting
Wordfence WordPress security researchers have published an advisory regarding a vulnerability in the Rank Math SEO plugin that could lead to a stored cross-site scripting (XSS) vulnerability.
A stored XSS vulnerability allows an attacker to upload a malicious script that runs in the browser of anyone who views the affected page. This can result in the theft of session cookies, unauthorized access to the website, and the theft of sensitive data.
Poor input sanitization and output escaping
This vulnerability is due to insufficient input sanitization and output escaping. These are common causes of XSS vulnerabilities in plugins that allow users to upload or enter data.
Sanitizing input means filtering out unwanted kinds of input, such as scripts or HTML, where only plain text is expected. Output escaping is the process of encoding a website's output so that unwanted content, such as a malicious script, is rendered as inert text rather than executed by the visitor's browser.
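To make the two defenses concrete, here is an added example (not Rank Math's code) of a simplified HowTo-style block rendered server-side from user-supplied attributes, first without and then with sanitization and escaping. The attribute names and the render functions are hypothetical; the WordPress escapers are mapped onto plain PHP so the file runs by itself.

```php
<?php
// Constructed block attributes, as a user with post-edit access could save
// them. The "title" value carries a script tag to show how each renderer
// treats it.
$attrs = [
    'title' => 'Install the plugin<script>alert(1)</script>',
    'step'  => 'Click "Activate" & wait',
];

// VULNERABLE: attributes are concatenated straight into the HTML, so any
// markup stored in them is delivered to every visitor's browser as live code.
function render_howto_unsafe(array $attrs): string {
    return '<div class="howto" data-step="' . $attrs['step'] . '">'
         . '<h3>' . $attrs['title'] . '</h3></div>';
}

// Input sanitization (on save): strip tags from a text-only attribute.
// Stand-in for WordPress' sanitize_text_field(); assumption for this demo.
function sanitize_block_attrs(array $attrs): array {
    return array_map(fn($v) => trim(strip_tags((string) $v)), $attrs);
}

// Output escaping (on render): encode for the HTML context being written to.
// In WordPress this would be esc_attr() for attribute values and esc_html()
// for element content; both are modelled here with htmlspecialchars().
function esc(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// HARDENED: sanitize once at the trust boundary, then escape at every sink.
// Escaping alone already neutralizes the script; sanitizing adds depth.
function render_howto_safe(array $attrs): string {
    $clean = sanitize_block_attrs($attrs);
    return '<div class="howto" data-step="' . esc($clean['step']) . '">'
         . '<h3>' . esc($clean['title']) . '</h3></div>';
}

// Check a reviewer can run over rendered output: is a raw <script> tag
// still present in what the browser will receive?
function contains_live_script(string $html): bool {
    return stripos($html, '<script') !== false;
}

echo render_howto_unsafe($attrs), "\n";
echo render_howto_safe($attrs), "\n";
var_dump(contains_live_script(render_howto_unsafe($attrs)));
var_dump(contains_live_script(render_howto_safe($attrs)));
```

Running this under the PHP CLI shows the unsafe renderer emitting the script tag verbatim while the hardened one emits only encoded text, which is the difference the advisory describes.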
Wordfence warned:
“The Rank Math SEO plugin powered by AI SEO Tools for WordPress does not properly sanitize input and escape output for user-specified attributes in all versions up to 1.0.214, and is therefore vulnerable to stored cross-site scripting.
This allows an authenticated attacker with contributor-level access or higher to inject arbitrary web script into a page that will be executed each time a user visits the injected page.”
Rank Math's changelog documents changes to the plugin and the reasons for each update. This transparency allows plugin users to understand the importance of specific updates and make informed decisions about how urgently to apply them.
The change log identifies patched vulnerabilities.
“Improvement: We have strengthened the security of the HowTo Block plugin to prevent potential abuse by users with post-edit access. Thanks to [WordFence](https://www.wordfence.com/) for publishing this responsibly.”
Read the official Wordfence advisory:
Rank Math SEO with AI SEO Tools <= 1.0.214 – Authenticated (Contributor+) Stored Cross-Site Scripting via HowTo Block Attributes
Featured image by Shutterstock/Roman Samborskyi