fbpx

2 Million Users Affected by Vulnerability in All in One SEO Pack

On July 10, 2020, our Threat Intelligence team discovered a vulnerability in All In One SEO Pack, a WordPress plugin installed on over 2 million sites. This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all posts’ page.

We reached out to the plugin’s team the same day of discovery on July 10, 2020 and a patch was released just a few days later on July 15, 2020.

This is considered a medium severity security issue that, as with all XSS

This post was originally published on this site

GET UP TO $500K IN BUSINESS FUNDING

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW