Security Issue : Wordpress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Posted July 13, 2016

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.
A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.
You can immediately check the version from the plugin page and the current version should be v2.3.8.
The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.
The vulnerability has been patched and a plugin update is strongly advised.

HSWebTeam

www.host-stage.net/

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Leave a Comment
Cancel reply

Services Specifications

Technical Features

Windows VPS Locations

Dedicated Servers Locations

Linux VPS Locations

Resources

Make Money with Us

Reach Out To Us Anywhere

API

Legal

Subscribe to our Newsletter

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Leave a Comment Cancel reply

Leave a Comment
Cancel reply