Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

 In Security
0

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.
A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.
You can immediately check the version from the plugin page and the current version should be v2.3.8.
The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.
The vulnerability has been patched and a plugin update is strongly advised.
 
 

Recent Posts

Leave a Comment

Contact Us

Your message has been sent!

Thank you! We’ll take a look at your request and get in touch with you as quickly as possible.

Let us know what you’re looking for by filling out the form below, and we’ll get back to you promptly during business hours!





    Start typing and press Enter to search

    Security Issue Exim : CVE-2016-1531 -> PATCHED!Security
    Security Issue : Leaks of 68 Millions Dropbox AccountsSecurity