CVE-2025-12958 – WordPress Rankology SEO and Analytics Tool Plugin Unauthenticated Code Injection

CVE ID : CVE-2025-12958

Published : Jan. 7, 2026, 10:20 a.m. | 2 hours, 7 minutes ago

Description : The Rankology SEO and Analytics Tool plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect capability check on the ‘rankology_code_block’ page in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Editor-level access and above, to add header and footer code blocks.

Severity: 2.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…