Attention All WordPress Users: Update Your All In One SEO Pack

Wordpress Secuirty

The All in One SEO plugin’s security has been exploited. Hackers have found a new entry method into your website via the All in One SEO WordPress Plugin. Specifically, hackers can now use privilege escalation and cross site (XSS) attacks on your website. If you update your plugin you will be, at least temporarily, immune to these attacks that hackers are currently exploiting. If you’re looking to make a switch, Blizzard recommends WordPress SEO by Yoast plugin, which is a similar SEO plugin with more functionality that has not been exploited

Do I really need to update my plugin? Yes. With this exploit, hackers can edit your meta title and description, which in turn could decrease your SERP rankings. Not only can this exploit hurt rankings, hackers can maliciously attack your website by executing JavaScript code on the administrator control panel.

You have three options; delete the All in One SEO plugin, update the plugin to the latest version or install the WordPress SEO by Yoast plugin. Please take action immediately to avoid any attacks on your website. If you have any questions regarding taking action on this, please contact us.

Speak Your Mind

*