Security Issue : Wordpress Plugin All in One SEO Pack v2.3.6.1 exploit | HostStage .

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

  • 13 Jul 0
Did you like what you read?Share on Facebook
Facebook
0Share on Google+
Google+
0Tweet about this on Twitter
Twitter
0Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.

A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.

You can immediately check the version from the plugin page and the current version should be v2.3.8.

The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.

The vulnerability has been patched and a plugin update is strongly advised.

 

 

Did you like what you read?Share on Facebook
Facebook
0Share on Google+
Google+
0Tweet about this on Twitter
Twitter
0Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

Leave A Comment


Join Us on Facebook

Our Latest Tweets

  • 5 days ago

    4 Unconventional Ways to Reclaim Lost #Facebook #OrganicReach https://t.co/wQ7NhNAHMF #InternetMarketing https://t.co/5SXQhpd4VW

  • 5 days ago

    #DuplicateContent Issues in #Wordpress & Fixing Them https://t.co/y3Gdmb1cN7 #SEO #DigitalMarketing https://t.co/XjdcAUtVrn

  • 1 week ago

    Beyond #keywords: What really matters in #SEO content #Digitalmarketing #contentmarketing https://t.co/GppMYLamn3 https://t.co/uHYX5MVJcj

  • 1 week ago

    CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access https://t.co/xizOnVEBkx

  • 1 week ago

    Compressibility - How Search Engines Found #Spam Content https://t.co/OASbXRlqtQ #contentmarketing #SEO https://t.co/vuo0eBQWbZ