Low 3.8
2025-10-31< 1.0.253
CVE-2025-64350
Rank Math SEO – AI SEO Tools to Dominate SEO Rankings
Minimum safe version
1.0.253
Update to 1.0.253 or later to address 26 fixable vulnerabilities
Latest available1.0.269 ✓
Medium 4.3
2025-10-31< 1.0.253
CVE-2025-64351
Medium 4.3
2025-02-13< 1.0.236
CVE-2024-13229
Medium 6.4
2025-02-13< 1.0.236
CVE-2024-13227
High 7.2
2024-11-28< 1.0.232
CVE-2024-11620
High 7.2
2024-10-07< 1.0.229
WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to PHP Object Injection
Medium 6.5
2024-10-07< 1.0.229
WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to Broken Access Control
Medium 5.4
2024-07-02< 1.0.219
CVE-2024-4627
Medium 6.4
2024-05-16< 1.0.219
CVE-2024-4617
Medium 5.4
2024-05-09< 1.0.218
CVE-2024-4335
Medium 5.4
2024-04-23< 1.0.217
CVE-2024-3665
Medium 5.4
2024-04-09< 1.0.215
CVE-2024-2536
N/A
< 1.0.27
Seo by Rank Math <= 1.0.26 - XSS Issues
N/A
< 1.0.42.2
Rank Math 0.9~1.0.42.1 - Authenticated Missing Access Controls to Disable Competitor Plugins
Medium 6.5
2023-08-05< 1.0.119.1
CVE-2023-32600
N/A
2023-07-17< 1.0.119.1
Rank Math SEO <= 1.0.119 - Authenticated (Contributor+) Stored Cross-Site Scripting
High 7.6
2024-05-17< 1.0.119.1
CVE-2023-23888
N/A
2023-01-30< 1.0.107.3
RankMath SEO <= 1.0.107.2 - Authenticated (Contributor+) Local File Inclusion
N/A
2019-06-18< 1.0.27
Rank Math SEO <= 1.0.26 - Cross-Site Scripting
N/A
2020-04-18< 1.0.42.2
Rank Math SEO <= 1.0.42.1 - Missing Authorization
Medium 6.8
2023-08-12< 1.0.95.1
WordPress Rank Math SEO Plugin <= 1.0.95 is vulnerable to Server Side Request Forgery (SSRF)
N/A
2019-06-18< 1.0.27
WordPress SEO by Rank Math plugin <= 1.0.26 - Cross-Site Scripting (XSS) vulnerabilities
N/A
2019-06-25< 1.0.27.1
WordPress SEO By Rank Math plugin <= 1.0.27 - Authenticated Settings Reset vulnerability
Medium 6.5
2019-08-15< 1.0.27.1
CVE-2019-14786
Medium 6.1
2020-04-07< 1.0.0.41
CVE-2020-11515
Critical 9.8
2020-04-07< 1.0.0.41
CVE-2020-11514