Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Share it:
Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk, Multiple Vulnerability Found in All In One SEO Pack, Vulnerability on WordPress, WordPress blogs hacked, hacking Wordpress, Cyber attack on WordPress Blog, WordPress blogs hacked, hacking Word Press BLog or website
Everyone is familiar with WordPress and all of you know that WordPress is one of the most popular CMS used for making website and blogs. All bloggers and webmaster like to see there site ranking top on the search results and for this they use numbers of Search Engine Optimization (SEO) plugins. On these plugins one is 'All in One SEO Pack' which is used by tonnes of users.

But users who are using 'All in One SEO Pack' plugins on there blog or site, its time to update the plugins to its latest version. Yesterday, All in One SEO Pack plugin team has released an emergency security update that patches two critical privilege escalation vulnerabilities and one cross site scripting (XSS) flaw, discovered by security researchers at Sucuri, a web monitoring and malware clean up service.

Sucuri says that, the reported privilege escalation vulnerabilities allow an attacker to add and modify the WordPress website’s meta information, that could harm its search engine ranking negatively. Regarding the cross site scripting (XSS) flaw,  researcher says vulnerability can be exploited by malicious hackers to execute malicious JavaScript code on an administrator’s control panel. 
"This means that an attacker could potentially inject any JavaScript code and do things like changing the admin’s account password to leaving some backdoor in your website’s files in order to conduct even more “evil” activities later."
So we recommend our users who use  All in One SEO Pack, to upgrade it to the latest version All in One SEO 2.1.6 to keep your blog or site secure. Download latest version of All in One SEO Pack. 
Share it:

Vulnerability

Post A Comment:

0 comments:

Follow by Email