Vulnerability Found in All in One SEO Pack. Upgrade Now.
A major vulnerability has been found in the popular WordPress plugin All in One SEO Pack. If you have it installed, your website may be at risk if the plugin is not updated.
The vulnerability was announced by web security firm Sucuri. The flaw leaves websites at risk to users who do not have admin account allowing them to increase their access privileges and add malicious code in the admin panel. Attackers could also modify parameters using the plugin including page titles and meta descriptions.
On their blog, Sucuri states that “if your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk. If you have open registration, you are at risk, so you have to update the plugin now.”
Download the latest version of the plugin here.
After becoming aware of the issue, our hosting team immediately began updating all of our client sites. If you have any questions or concerns please do not hesitate to contact us.
Categorized in: Code
Comments are closed.
WebSight Design is a Bay Area web design and development firm started in 1995. We build and manage websites for large corporations, as well as small and mid-size businesses looking to expand their reach. We specialize in search engine optimization, social media management, hosting, mobile development, and more.
Contact us today to see how WSD can take your business to the next level with our wide range of design, development, and internet marketing services.