
Critical Vulnerability in Rank Math SEO Plugin Identified

Rank Math SEO Plugin Vulnerability Fixed Swiftly

A critical vulnerability was discovered in the Rank Math SEO plugin that allowed attackers to gain administrator access to a WordPress site. Rank Math fixed the issue the day after it was notified.

Privilege Escalation Vulnerability

Privilege escalation is a bug that lets an attacker raise their access above what they were granted; in a WordPress site that usually means reaching administrator-level capabilities. In the Rank Math case, the flawed endpoint never checked who was calling it, so an attacker could use it to grant administrator privileges to any registered account, including a low-privilege account they had created themselves.

Once an attacker holds administrator privileges they control the site: they can delete existing administrators, create new ones, and change any setting or content.

Flawed Permission Callback

The WordPress Vulnerability Database noted that the plugin registered a REST API endpoint without a permission_callback, the argument that performs the capability check. Every REST route that changes state needs one: it is the code that decides whether the caller is allowed to perform the action before the endpoint's handler runs.

According to the WordPress developer documentation, the permission_callback also lets the API tell a client what actions it may perform on a URL without the client having to attempt the request first. When the callback is absent, no check is made at all: WordPress runs the handler for any caller, whether or not they are logged in.

Wordfence highlighted this omission as a critical failure. Because the Rank Math endpoint had no permission_callback, attackers could use it to delete an administrator or grant administrative privileges to another user.
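To make the distinction concrete, here is an added example (not Rank Math's code; the namespace, route names, meta keys and function names are invented) showing one hypothetical metadata-update endpoint registered twice, once without a permission_callback as described above and once with a capability check and argument allow-list:

```php
<?php
/**
 * Added example, not Rank Math's code. The same hypothetical REST endpoint
 * registered without and with a permission_callback. Namespace, routes,
 * meta keys and function names are made up for illustration.
 */

/**
 * Handler shared by both routes: writes one metadata entry.
 * It trusts every parameter it receives, so access control has to happen
 * in the route's permission_callback and argument validation, not here.
 */
function example_update_meta( WP_REST_Request $request ) {
    $updated = update_metadata(
        $request->get_param( 'object_type' ),
        (int) $request->get_param( 'object_id' ),
        $request->get_param( 'meta_key' ),
        $request->get_param( 'meta_value' )
    );
    return rest_ensure_response( array( 'updated' => (bool) $updated ) );
}

add_action( 'rest_api_init', function () {
    // VULNERABLE: no permission_callback. WordPress runs the handler for any
    // caller, logged in or not. A request with object_type=user and
    // meta_key=wp_capabilities (the user-meta key that stores roles, with the
    // default table prefix) can hand the administrator role to any account.
    register_rest_route( 'example/v1', '/meta', array(
        'methods'  => WP_REST_Server::CREATABLE,
        'callback' => 'example_update_meta',
    ) );

    // HARDENED: the permission_callback runs before the handler and rejects
    // the request with 401 (anonymous) or 403 (logged in, lacking the
    // capability); the args block pins the writable object type and keys,
    // so user meta can never be reached through this route.
    register_rest_route( 'example/v1', '/post-meta', array(
        'methods'             => WP_REST_Server::CREATABLE,
        'callback'            => 'example_update_meta',
        'permission_callback' => function ( WP_REST_Request $request ) {
            $post_id = (int) $request->get_param( 'object_id' );
            if ( ! current_user_can( 'edit_post', $post_id ) ) {
                return new WP_Error(
                    'rest_forbidden',
                    'You are not allowed to edit this post.',
                    array( 'status' => rest_authorization_required_code() )
                );
            }
            return true;
        },
        'args' => array(
            'object_type' => array( 'required' => true, 'type' => 'string', 'enum' => array( 'post' ) ),
            'object_id'   => array( 'required' => true, 'type' => 'integer' ),
            'meta_key'    => array(
                'required' => true,
                'type'     => 'string',
                'enum'     => array( 'example_seo_title', 'example_seo_description' ),
            ),
            'meta_value'  => array( 'required' => true, 'type' => 'string', 'sanitize_callback' => 'sanitize_text_field' ),
        ),
    ) );
} );
```

Two details matter in practice. First, cookie-authenticated REST requests must also carry a valid X-WP-Nonce header; without it WordPress treats the request as anonymous, so current_user_can() in the permission_callback returns false and the write is refused. Second, the enum on object_type and meta_key is what closes the user-meta path; a capability check alone would still let any editor rewrite arbitrary keys on posts they can edit.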

Vulnerable Versions

Any version of Rank Math below 1.0.41 is affected. Users are strongly advised to update the Rank Math SEO plugin to the latest version.
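Updating closes this particular hole, but the same mistake can exist in any other plugin on the site. The following added example (not Rank Math's or Wordfence's code; the function name is invented) lists every registered REST route whose handler has no permission_callback, and separately those that deliberately allow everyone with `__return_true`, so you can check a live install. Run it inside WordPress, for example with WP-CLI: `wp eval-file rest-audit.php`.

```php
<?php
/**
 * Added example, not Rank Math's or Wordfence's code.
 * Lists REST routes that have no permission_callback (MISSING) or that
 * explicitly allow every caller with '__return_true' (PUBLIC).
 * Run inside a WordPress install, e.g.: wp eval-file rest-audit.php
 */
function example_audit_rest_permissions() {
    $findings = array();

    // get_routes() returns route => list of handlers, with each handler's
    // 'methods' already normalised to an array keyed by HTTP verb.
    foreach ( rest_get_server()->get_routes() as $route => $handlers ) {
        foreach ( $handlers as $handler ) {
            $methods = implode( ',', array_keys( $handler['methods'] ) );

            if ( empty( $handler['permission_callback'] ) ) {
                $status = 'MISSING';
            } elseif ( '__return_true' === $handler['permission_callback'] ) {
                $status = 'PUBLIC';
            } else {
                continue; // Has a real check; nothing to report.
            }

            $findings[] = array(
                'status'  => $status,
                'methods' => $methods,
                'route'   => $route,
            );
        }
    }
    return $findings;
}

// Print the findings. State-changing verbs (POST, PUT, PATCH, DELETE) with a
// MISSING callback are the ones to act on first.
foreach ( example_audit_rest_permissions() as $finding ) {
    printf( "%-8s %-28s %s\n", $finding['status'], $finding['methods'], $finding['route'] );
}
```

Expect some PUBLIC entries from core (for example the read-only GET routes under /wp/v2), which are intentional. What should not appear is a MISSING entry on a write method, especially in a third-party namespace. Since WordPress 5.5, registering a route without a permission_callback also emits a _doing_it_wrong notice, which shows up in the debug log when WP_DEBUG is enabled.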

Swift Response from Rank Math

Rank Math was notified of the vulnerability on March 25, 2020 and issued an update the very next day to resolve the issue. This quick action underscores their responsibility and commitment to security.

Transparency and Communication

Rank Math maintained transparency by noting the security fix in their changelog. This responsible approach is commendable and showcases the team’s dedication to user security. Their changelog entry states, "FIXED: A couple of REST API security issues reported by the Wordfence team."

Responsible Handling

The Rank Math team handled the issue quickly and transparently, which earns user trust. Their openness about what was fixed stands in contrast to developers who describe security fixes in vague terms. In summary, Rank Math acted responsibly, swiftly mitigating the vulnerability and telling users what had changed.
