• Test


Security Flaws in WordPress SEO Plugin Leave Sites At Risk

All In One SEO Pack a popular WordPress SEO plugin, was recently discovered to have security flaws that could compromise the SEO of your website and the over all security of the website.

Sucuri the organization that discovered these two glitches “If your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk,” the Sucuri researchers said Saturday in a blog post. “If you have open registration, you are at risk, so you have to update the plugin now.”.

The exploits are quite different, but together they make a nasty pair.

All In One SEO Pack Exploits

Exploit one is where any user subscriber or admin has the ability to change the meta information of an article. For instance let’s say I was a subscriber to your website, I would be able to change the SEO title of I love dogs to I eat dogs and everyone would ignore that website hurting your over all SEO.

Exploit two is one where someone can inject malicious code into your administration panel. This basically means if I wanted to I could place a malicious script in your administration panel and when ever you load into your administration panel, it will load the script and cause you whatever damage I wanted it to.

If you are using this plugin and have not updated it to the most recent release, it is imperative that you do so or your website is going to be at risk. However, if you are not open to registration this is not as big of an issue. However, it is still a security flaw that can be easily patched and you should do so as quickly as possible to prevent any potential damage from coming to your website.

All In One SEO Pack

Previous ArticleNext Article
Scott Hartley is the developer and owner of The Daily Exposition who is also a tech enthusiast and writes the majority of content found on the website. When he isn't keeping up to date with the latest and breaking technology news, he is working on his own WordPress plugins, themes, or out exploring the world.

Leave a Reply

Your email address will not be published. Required fields are marked *