CVE-2020-11514: 
WordPress vulnerability analysis and mitigation

The vulnerability (CVE-2020-11514) was discovered in the WordPress SEO Plugin Rank Math versions below 1.0.41. This critical security flaw allowed unauthenticated attackers to modify user permissions through an unprotected REST API endpoint. The vulnerability was disclosed on March 31, 2020, affecting over 200,000 WordPress sites (Wordfence Blog).

The vulnerability stemmed from a REST-API endpoint, 'rankmath/v1/updateMeta', which lacked a permission_callback for capability checking. The endpoint called an update_metadata function that could be exploited to update or delete metadata for posts, comments, terms, and users. Most critically, since WordPress user permissions are stored in the usermeta table, attackers could manipulate administrative privileges for any registered user. The vulnerability received a CVSS score of 9.8 (Critical) (Wordfence Blog).

The vulnerability allowed unauthenticated attackers to grant or revoke administrative privileges for any registered user on the affected WordPress sites. This could lead to complete site takeover by manipulating user permissions through the exposed API endpoint (WPScan).

The vulnerability was patched in Rank Math version 1.0.41. Site administrators were strongly advised to update to this version or later to protect their websites. The fix implemented proper permission checking for the REST API endpoint (Wordfence Blog).