Update Your All In One SEO Pack WordPress Plugin Now
The Sucuri Blog issued a notice that a popular SEO plugin for WordPress web sites had a major security vulnerability.
The plugin name is the “All in One SEO Pack” and the fix is easy, just make sure to update the plugin immediately.
The vulnerability opened up WordPress blogs that used the plugin, that had subscribers, authors and non-admin users logging in to wp-admin. The code in the plugin had two security issues that enabled hackers to:
(1) Conduct privilege escalation
(2) Cross site scripting (XSS) attacks
Again, the fix is simple, just upgrade to the latest version available for this plugin.
Some opinions expressed in this article may be those of a guest author and not necessarily Search Engine Land. Staff authors are listed here.
(Some images used under license from Shutterstock.com.)
Everything you need to know about SEO, delivered every Thursday.