Security Issue : Wordpress Plugin All in One SEO Pack v2.3.6.1 exploit | HostStage .

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

  • 13 Jul 0
Did you like what you read?Share on Facebook0Share on Google+0Tweet about this on Twitter0Share on LinkedIn0Share on Reddit0Digg thisBuffer this page

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.

A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.

You can immediately check the version from the plugin page and the current version should be v2.3.8.

The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.

The vulnerability has been patched and a plugin update is strongly advised.

 

 

Did you like what you read?Share on Facebook0Share on Google+0Tweet about this on Twitter0Share on LinkedIn0Share on Reddit0Digg thisBuffer this page

Leave A Comment


Join Us on Facebook

Our Latest Tweets

  • 4 weeks ago

    How to Create the Ultimate #Facebook Business Page https://t.co/jDRVZkY6B9 https://t.co/vYnHhMXaTN

  • 4 weeks ago

    Why You Rank On #Google But Not On #Bing And #Yahoo (And How to Fix It) https://t.co/n0kbQOizdL https://t.co/zP1SNfLL72

  • 1 month ago

    The four pillars of an effective #SEO strategy https://t.co/1zSvkbhFXF https://t.co/fEnwol0ZVs

  • 1 month ago

    Create a #website with# SEO in mind: Content optimization • Yoast https://t.co/E4bOh68pLq https://t.co/x9R5ao9tdb

  • 1 month ago

    10 ways to generate links with online influencers https://t.co/PvdlcKUuQL https://t.co/idJ2tu3s77