Home / Support Blog / WordPress - All in One SEO Plugin Security Update

WordPress - All in One SEO Plugin Security Update

Update Your WordPress Plugins - Especially "All in One SEO Pack"

There's a great SEO plugin for WordPress called "All in One SEO Pack" and we're using it on many WordPress websites we've created. As with all software, holes are discovered. A hole was found with this software and we wanted to notify everyone about it:

Update Your All In One SEO Pack WordPress Plugin Now (searchengineland.com)

The vulnerability opened up WordPress blogs that used the plugin, that had subscribers, authors and non-admin users logging in to wp-admin. The code in the plugin had two security issues that enabled hackers to:

(1) Conduct privilege escalation

(2) Cross site scripting (XSS) attacks

One more:

Major Exploits Found in All in One SEO Pack WordPress Plugin (searchenginewatch.com)

If you're an All in One SEO Pack plugin user and don't update, the best case scenario could be finding yourself removed from Google's search index for spamming. And because a malicious user could change the title, description, and keyword meta tags, it opens up websites to having that information changed by unauthorized third parties.

Yet one more (why not?):

Vulnerabilities in 'All in One SEO Pack' WordPress Plugin Put Millions of Sites At Risk (thehackernews.com)

WordPress is easy to setup and use, that’s why large number of people like it. But if you or your company is using ‘All in One SEO Pack’ WordPress plugin to optimize the website ranking in search engines, then you should update your SEO plugin immediately to the latest version of All in One SEO Pack 2.1.6.

Today, All in One SEO Pack plugin team has released an emergency security update that patches two critical privilege escalation vulnerabilities and one cross site scripting (XSS) flaw, discovered by security researchers at Sucuri, a web monitoring and malware clean up service.

To fix this, all you need to do is upgrade the plugin. We would be happy to take care of this for you (1-2 Maintenance Blocks) or else you can do this upgrade yourself in the WordPress plugins manager screen.


Get found, increase conversion!
Website Marketing
Website Marketing
Get your website noticed and get results.
Design Portfolio
Design Portfolio
Result driven design makes your website work 24/7 for your business.

What Our Clients Say

“Your company and its professionalism are proof positive that distance truly does not matter when completing a large project such as this.”
-Julie Hilliger
Malcolm-Eaton Enterprises
Our Clients Love Us - CLICK
Website Financing Options Available

UW Madison Alumni

Webstix in Madison, WI
730 Rayovac Drive
Madison, WI 53711
Webstix in Michigan
580 E Napier Ave.
Benton Harbor, MI 49022
Webstix in Indiana
316 E Monroe St
South Bend, IN 46601