fbpx

All in One SEO Pack Plugin Patches XSS Vulnerability

All in One SEO Pack patched an XSS vulnerability this week that was discovered by the security researchers at Wordfence on July 10. The popular plugin has more than 2 million active installs, according to WordPress.org.

Wordfence researchers categorized it as “a medium severity security issue” that could result in “a complete site takeover and other severe consequences:”

This flaw allowed authenticated users with contributor level access or above the ability to inject malicious scripts that would be executed if a victim accessed the wp-admin panel’s ‘all posts’ page.

Version 3.6.2, released on July 15, 2020, includes the following update

This post was originally published on this site

GET UP TO $500K IN BUSINESS FUNDING

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW