Serious vulnerabilities found in ‘All in One Seo Pack’ – Update it now!

Serious vulnerabilities found in ‘All in One Seo Pack’ – Update it now!
  • By
  • June 2, 2014
  • 0 Comment

Are you or your company using All in one SEO Pack? If yes, you must update it to the latest version as soon as possible. Security firm Sucuri has discovered some serious vulnerabilities in ‘All in One SEO Pack’ which can allow an attacker to modify your site’s meta description, which could harm your website’s search engine ranking negatively.

WordPress_›_All_in_One_SEO_Pack_

 

Sucuri reported “In the first case, a logged-in user, without possessing any kind of administrative privileges (like an author of subscriber), could add or modify certain parameters used by the plugin. It includes the post’s SEO title, description and keyword meta tags.”

Experts at Sucuri also reported that cross-site scripting vulnerability can be exploited by malicious hackers to execute malicious JavaScript code on an administrator’s control panel. This means that a hacker could inject any JavaScript code and do things like creating new admin accounts or leaving some backdoors in your website to conduct even more harmful operations later.

Worldwide more than 70 million websites are using WordPress and about 16 million websites are using All in One SEO pack which make these websites vulnerable to perform DDos attacks or abuse WordPress site until they update their plugin to the latest version which is 2.1.6

Following is the change log provided by All in One SEO Pack’s developers for version 2.1.6

All_in_One_SEO_Pack_Changelog

Images are courtesy of WordPress and Sucuri 

 

Related Articles

  • Make Money Online Without Investment as a Freelance Web Developer

    Gone are the days when people had to search for jobs through newspaper and fliers, and had to wake up early in the morning to reach their workplace on time. With the advancement of internet, there are various possible ways to make money from home by employing your best skills. I am not just talking about starting a blog and making money through AdSense, there are loads of other ways you can use to generate a handsome monthly income as a freelance web developer. This guide particularly would highlight the online money making channels and methods for web developers.

  • Form Vs Function in WordPress – Everything You Should Know

    Form Vs Function Form and Function are the two main parts of a WordPress website. When you are building a WordPress website, these are the parts to code. Here, in this article, get to know everything you need to know…

  • National Retail Federation Projects 2017 Ecommerce Sales to Grow 8-12 Percent

    As if more proof were needed that retailing is survival of the fittest, the National Retail Federation has released its projections for 2017 and eCommerce is once again proving to be the big winner over bricks and mortar. In total,…

Written By
Ali Sadiq

Ali is a full time web designer plus web developer. Eager to learn various new and useful web design trends. He is an enthusiast seeker who loves to explore frameworks, tools, plugins and hence love to learn and practice new developments in the entire field.

Leave a Reply

Your email address will not be published. Required fields are marked *