Buck Up! - You Need to Upgrade Your Wordpress All-In One SEO Pack Now!
Sucuri,
a web monitoring and malware cleanup service was the first to spot
the exploits. Their blog brought into notice about the vulnerability
last week. As a result, large number of website owners has raised the
alarm.
Wordpress Plugin has more than 18
million downloads. Indeed, a huge number of websites is going to face
this potential threat, especially if the webmasters does not take the
advantage of automatic update.
That's a serious issue and team of All
in One SEO Pack need to fix it soon.
THREATS
If your site has subscribers, authors,
non-admin users logging in the WP-admin, then you will face this
potential threat. Besides, if there is an open registration, the site
is going to face high-risk or threats.
The code in the plug-in has two
security threats -
- Attacker can conduct privilege escalation
- And cross site scripting (XSS) attacks
The security vulnerability recently
patched. So, if you are an All in One SEO Pack user, prior to version
2.1.6, we recommend upgrading it as soon as possible to prevent
potential security issues.
If you are a All in One SEO Pack user
or and have any questions on this vulnerability issue, or need any
help updating the plug-in, contact Unified Infotech support team for
customized plug-in development solutions.
We will be happy to help you!
Comments
Post a Comment