Sangnq29

**Name of the Vulnerable Software and Affected Versions** Rankology SEO and Analytics Tool versions prior to 2.1 **Description** The Rankology SEO and Analytics Tool plugin for WordPress has an issue where data can be modified without proper authorization. This is due to a flawed capability check on the 'rankology code block' page. Authenticated attackers with Editor-level access or higher can add header and footer code blocks. The vulnerable component is the capability check on the `/rankology code block` API endpoint. The vulnerable parameter is the ability to add code blocks. **Recommendations** Update to version 2.1 or later.