Update Your All-in-One SEO Pack Now

Share on facebook
Share on linkedin
Share on twitter
Update SEO

The internet security firm, Sucuri, recently announced that they found a security risk in the WordPress plugin All-in-One SEO Pack. If you are using this plugin on your site(s), then you need to update the plugin right away.

The flaw found allows a hacker to perform a privilege escalation and do cross site scripting (XSS) attacks. Okay, so for most of you that won’t mean much, except you need to upgrade! If you want to understand this a little better than here you go.

In the first case, a logged-in user, without possessing any kind of administrative privileges (like an author of subscriber), could add or modify certain parameters used by the plugin. It includes the post’s SEO title, description and keyword meta tags. All of which could decrease one’s website’s Search Engine Results Page (SERP) ranking if used maliciously.

If that isn’t enough, there is also another aspect of the old plugin version that allows hackers to inject malicious JavaScript code onto the admin control panel that would execute when that page is loaded. That means nasty stuff could happen like changing the admin password or inserting backdoor code that would allow them to put more code into your website’s  files so they could carry out more nasty stuff later.

Keep in mind that with all security issues, keeping things updated is a large part of the battle. Make sure your All-in-One SEO pack is updated to version 2.1.6. While nothing is 100% secure, by being proactive you can reduce the risk that your site is exposed.

If you are not able to keep up with updates and backups of your WordPress site, give us a call at 503-683-1664 or use our contact form to get in touch. We can help you.

Trevor Wilson

Trevor Wilson

Trevor is a love-focused branding specialist helping our team constantly fine-tune our obsessions. He’s a passionate learner and teacher, distilling over 100 industry-related books a year into digestible bits that make Smitten’s client projects more powerful every day.

Want to discuss? We're all ears.

Wishing people could fall in love with your business faster, easier and deeper?

We're obsessed with this kind of stuff. Pretty much it's all we think about. There's a possibility we might be available to help you.

About This Little Agency: Back in 2007, in a little town on the southern border of Washington State, Trevor and Kama Wilson braved the naysayers saying it was absurd to try to earn their full-time income together online. Despite criticism and even moving into a single car garage for awhile so they could pursue their dream, they worked unearthly hours, studied endlessly, made costly mistakes, and figured out how to make their entire income online. After successfully running 700 websites (and living entirely and well off the profits), they opened Smitten (formerly Peppermint) to use their inborn, honed obsessions for alluring design, captivating content and personable branding to help other business owners get more ❤ too. 

Connect with us.

© 2018 SMITTEN, LLC (formerly Peppermint)  All Rights Reserved