Wealthy Affiliate

HomeAbout UsPricingAffiliatesBlogContact
Login

Security breach on All in One SEO Pack

51
69
byjespinola
3.6K followers

Many of our websites could be in risk of compromise if we don't update "All in One SEO Pack" plugin. The new version will fix serious vulnerabilities.

Why?!

Well Sucuri researches (This a Web security firm) found two flaws in “All in One SEO Pack”

If your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk. If you have open registration, you are at risk, so you have to update the plugin now. the Sucuri researchers wrote in a blog.

In other words, The first flaw can be exploited by a regular user (Author or a subscriber) to change your SEO description (in a blog or page) and keywords meta tags, causing decreasing Search Engine Results Page (SERP) if is using maliciously.

The second flaw sucuri explains:

we also discovered this bug can be used with another vulnerability to execute malicious Javascript code on an administrator’s control panel.

This means an attacker could do things like change your admin account’s password or insert backdoor code into your website files to conduct other malicious activities later time as Sucuri researchers said.

Solution?!

Yes. Don't panic. It's very easy just update your "All in One SEO Pack" from Wordpress repository. :D

Hope helps you. :)

Regards

Jorge

51
69

Join FREE & Launch Your Business!

Exclusive Bonus - Offer Ends at Midnight Today

00

Hours

:

00

Minutes

:

00

Seconds

2,000 AI Credits Worth $10 USD

Build a Logo + Website That Attracts Customers

400 Credits

Discover Hot Niches with AI Market Research

100 Credits

Create SEO Content That Ranks & Converts

800 Credits

Find Affiliate Offers Up to $500/Sale

10 Credits

Access a Community of 2.9M+ Members

By continuing, you agree to our Terms of Service and Privacy Policy
No credit card required

Recent Comments

69

New message...

Lancer501

Thank you Jorge....I haven't reached the need to do this yet...but the importance of updating at once is stored on memory.

2
jespinola

Yeah. Right now it's very important. Hope helps. :)

2
Alex24

Wow. Didn't know this could happen. And there are sometimes these weird email addresses coming up as new registered users of my site.

2
jespinola

Stephon ,

You can choose to people don't register to your website. :)

Yeah and I didn't know when I saw that blog from Sucuri. :(

1
judebanks

I always update plugins as soon as the updates are available. Updates usually contain fixes and improvements, so it's worth doing this as a matter of habit. Thanks for letting us know, Jorge, as some people delay updating and this is an important one. ~Jude

3
jespinola

Excellent habit Jude! Yeah it's very necessary to updates our plugins and now we know some reasons why. :)

2
johnwnewman

Thanks Jorge, doing that right now!!

2
jespinola

Phew! Now you are safe. :D

Thanks for reading, :)

1
drago1168

This is something I didn't realize and appreciate this info.

2
jespinola

Tommy,

When I saw that blog from sucri I didn't realize too. That's why I created this blog. Thanks for reading., :)

2
Mikaeri

Defiantly worth knowing, thanks for the heads up Jorge

1
jespinola

Yes . It's important to know. Most welcome. :)

1
Funmine

Thanks for the reminder. High priority!!

1
jespinola

Ade,

Yeah please add on your priority list. Very important. Thanks for reading. :)

2
Funmine

I did the update. Thanks Jorge!

1
jespinola

Fantastic. :D

FLCGroup

Thanks!

1
jespinola

No probs. Did you update your SEO plugin?!

1
FLCGroup

Yesterday. Appreciate it!

1
jespinola

Aw fab. :)

1
scottyb2good

Thanks for the heads up Jorge. I will update mine

1
jespinola

Yeah. Do it now because it's very important of you have another wp users.

Most welcome. :D

1
Karyskis

Thank you for the heads up. I updated most of mine today. ;)

1
jespinola

Most welcome Kary. I always try to have my domains safe. :)

2

See more comments

Join FREE & Launch Your Business!

Exclusive Bonus - Offer Ends at Midnight Today

00

Hours

:

00

Minutes

:

00

Seconds

2,000 AI Credits Worth $10 USD

Build a Logo + Website That Attracts Customers

400 Credits

Discover Hot Niches with AI Market Research

100 Credits

Create SEO Content That Ranks & Converts

800 Credits

Find Affiliate Offers Up to $500/Sale

10 Credits

Access a Community of 2.9M+ Members

By continuing, you agree to our Terms of Service and Privacy Policy
No credit card required

2.9M+

Members

190+

Countries Served

20+

Years Online

50K+

Success Stories

The world's most successful affiliate marketing training platform. Join 2.9M+ entrepreneurs building their online business with expert training, tools, and support.

© 2005-2025 Wealthy Affiliate
All rights reserved worldwide.

Platform

HomeEducationWebsitesCommunityHosting

Community

Success StoriesMember BenefitsContact SupportJoin Community

Resources

Help CenterGetting StartedDomainsAffiliate Program

Legal

AboutContactPrivacy PolicyTerms of Service

🔒 Trusted by Millions Worldwide

Since 2005, Wealthy Affiliate has been the go-to platform for entrepreneurs looking to build successful online businesses. With industry-leading security, 99.9% uptime, and a proven track record of success, you're in safe hands.