Wordpress
December 21, 2021

Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites

Security Risk: High

Exploitation Level: Easy

CVSS Score: 9.9 / 7.7

Vulnerability: Privilege Escalation, SQL Injection

Patched Version: 4.1.5.3

Last week, security researcher at Automattic Marc Montpas recently discovered two severe security vulnerabilities within one of the most popular SEO plugins used by WordPress website owners: All in One SEO. The plugin is used by more than three million websites and if left unpatched could cause some serious headaches for WordPress users.

Continue reading Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites at Sucuri Blog.

Share this:
Twitter icon Facebook icon LinkedIn icon Pinterest icon

More great articles

Cross-Site Scripting Vulnerability In Download Manager Plugin

On May 30, 2022, Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting (XSS) vulnerability to us that they discovered…

Read Story
Wordpress
June 7, 2022

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)

Last week, there were 82 vulnerabilities disclosed in 59 WordPress Plugins and 11 WordPress themes, along with 6 in WordPress…

Read Story
Wordpress
May 25, 2023

Wordfence Intelligence Weekly WordPress Vulnerability Report (October 28, 2024 to November 3, 2024)

Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug…

Read Story
Wordpress
November 7, 2024

Emergency WordPress Help

One of our techs will get back to you within minutes.