Security Issue : Wordpress Plugin All in One SEO Pack v2.3.6.1 exploit | HostStage .

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit

  • 13 Jul 0
Did you like what you read?Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

All in One SEO pack is a widely spread plugins used to set the meta description, keywords and titles for the WordPress posts.

A XSS exploit has been discovered on the plugin All in One SEO pack plugin for the version 2.3.6.1 and before.

You can immediately check the version from the plugin page and the current version should be v2.3.8.

The XSS has been discovered in the bad bot blocker feature and involve an exploit allowing to steal the administrator tokens through an altered user agent.

The vulnerability has been patched and a plugin update is strongly advised.

 

 

Did you like what you read?Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Share on Reddit
Reddit
0Digg this
Digg
Buffer this page
Buffer

Leave A Comment


Join Us on Facebook

Our Latest Tweets

  • 6 months ago

    PHP 5.6 & PHP 7.0 EOL, Hello PHP 7.3 https://t.co/TjVMXJFjGq

  • 6 months ago

    Microsoft Critical Security Vulnerability CVE-2019-0708 https://t.co/XShL8qyz6K

  • 1 year ago

    @Galukxy  What is the reason of your website suspension? It could be something we could help you with actually

  • 1 year ago

    The Ultimate List: 57 Online Local Business Directories https://t.co/HATo96qXrw #localseo #Leadgeneration… https://t.co/HUz7sXscHz

  • 1 year ago

    21 of the Best #Facebook Pages We've Ever Seen https://t.co/Kz0o3jhuWS #FacebookMarketing #SMM #socialmedia https://t.co/nFOwpvtGMs