Update WordPress plugin “All in one SEO”

The  All-in-One SEO  WordPress plugin ( which you probably know ) has been updated to address two security issues that Sucuri discovered during a security audit. According to Sucuri, one of the vulnerabilities can be used to elevate privileges, while the other addresses attacks from “  cross-site scripting ”  .

 



A logged-in user who does not have administrative options was able to change some plugin settings like SEO job, description, and meta tags. These changes could lead to long-term negative effects on SEO.

Additionally, this bug can be used to execute malicious code on the administrator control panel. Sucuri mentioned, “This means that an attacker could inject JavaScript code and do things like change the administrator account password, which will open the door for more hacking. 

 

Therefore, you need to be able to update your additional All In One SEO PackWe hope you find this news useful. Let us know what you think and don’t forget to share the article.

1 thought on “Update WordPress plugin “All in one SEO””

Leave a Comment

Your email address will not be published. Required fields are marked *