Security Issue : Wordpress Plugin All in One SEO Pack v2.3.6.1 exploit | HostStage .

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

  • 13 Jul 0
Did you like what you read?Share on Facebook0Share on Google+0Tweet about this on Twitter0Share on LinkedIn0Share on Reddit0Digg thisBuffer this page

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.

A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.

You can immediately check the version from the plugin page and the current version should be v2.3.8.

The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.

The vulnerability has been patched and a plugin update is strongly advised.

 

 

Did you like what you read?Share on Facebook0Share on Google+0Tweet about this on Twitter0Share on LinkedIn0Share on Reddit0Digg thisBuffer this page

Leave A Comment


Join Us on Facebook

Our Latest Tweets

  • 4 days ago

    #Google My Business API Supports Google Posts https://t.co/7X7bnSQ07l #DigitalMarketing https://t.co/fc97mzFox8

  • 5 days ago

    3 #Twitter #Hashtags #Marketing Tips for Small Businesses https://t.co/mCzWmHnGoW https://t.co/lLJ11ZQDIA

  • 6 days ago

    Does #Googlebot Crawl Using HTTP/2 Protocols? https://t.co/hnUHgbQtlQ #SEO #HOSTING Not quite ready yet!

  • 7 days ago

    Get Your #Data House in Order: Our Checklist for Useful #Marketing Data https://t.co/xqt1RhmJz6 #kpi https://t.co/dk8vCCpfrO

  • 2 weeks ago

    [Infographic] 127 Facts You Probably Didn't Know About #Video #Marketing https://t.co/CaAHtEomcs