Security Warning for All In One SEO Plugin
The All In One SEO Plugin Needs an Update
Wordfence, the security plugin I use and recommend, released a notification early this morning (my time) to advise that the All In One SEO plugin which is used on over 2 million websites had a security risk which has now been rectified in the latest update.
In Plain English
Any user of your website with Contributor access or above could inject a malicious script and take over the site.
What this means to you is probably not much. If you're the only registered user on your website then nothing is going to happen. But if you've allowed other users to register then there's a potential problem.
In any case, watch this video...
Update your website
The security risk has been rectified in the latest version of the All In One SEO plugin, version 3.6.2 at the time of writing.
Always keep WordPress, all your plugins, and themes up to date. Updates are made to fix problems and security issues and add new features.
Stay safe,
Join FREE & Launch Your Business!
Exclusive Bonus - Offer Ends at Midnight Today
00
Hours
:
00
Minutes
:
00
Seconds
2,000 AI Credits Worth $10 USD
Build a Logo + Website That Attracts Customers
400 Credits
Discover Hot Niches with AI Market Research
100 Credits
Create SEO Content That Ranks & Converts
800 Credits
Find Affiliate Offers Up to $500/Sale
10 Credits
Access a Community of 2.9M+ Members
Recent Comments
49
Thank you for this information, Marion. Updating our plugins is a vital part of our site health, in my opinion. I appreciate the info.
With 2020 vision,
Karin 😁
Hi Marion,
Thanks for sharing. Truly important especially now that identity thefts activity had skyrocketed.
Speaking of that, people need to be careful with website they share their email information with because you email might contain some sensitive information or the email is used as login to other important websites.
I’m sorry to say, since I started leaving my email with comments, I have had to change my password twice within a month because I was noted by my identity watch company that my email had been login in another computer outside the United State. Which I planed to create a dummy email to use for all my online business moving forward.
I encourage others especially the new folks to take similar precautions.
V/r
Benson
I have a ton of emails.
I have been receiving fake notices of my years ago emails hack. Luckily I don't use them anymore.
Great thought to have dummy emails.
Some companies uses emails as usernames, I have some of them. Problably easy to find out the password.
Great advice.
Thank you.
Luis Antonio
See more comments
Join FREE & Launch Your Business!
Exclusive Bonus - Offer Ends at Midnight Today
00
Hours
:
00
Minutes
:
00
Seconds
2,000 AI Credits Worth $10 USD
Build a Logo + Website That Attracts Customers
400 Credits
Discover Hot Niches with AI Market Research
100 Credits
Create SEO Content That Ranks & Converts
800 Credits
Find Affiliate Offers Up to $500/Sale
10 Credits
Access a Community of 2.9M+ Members
You're so right Marion
About 5 days ago I updated my AIOP, then yesterday I noticed a new update available. So updated straight away.
I am a business Analyst by trade and so understand the importance of keeping everything up to date
Please allow me to echo your sound word of advice - and go one further...
...Whatever you are doing on your computer please, please save your work regularly :-)
My Best Always
Peter
Good advice, Peter. You never know when the power is going to blink off.