WordPress SEO Plugin Found To Have Security Problems

by John
Comments are off for this post.

"wordpress-plugin-security-problem-news"The WordPress SEO Pack Plugin has been found to have security problems and users of WordPress sites who have the plugin are being warned to be aware of the problems.

According to a blog post by sucuri.net the All in One SEO Pack plugin for WordPress has been found to have security issues and because of this a new security release has been issued to patch these problems which were discovered earlier in the week.

It has been identified that those who are risk to a security threat are any WordPress users who have subscribers, non admin users and authors logging in to the admin panel of the site.

The security risks also extend to those who have open registration and all of these people and users of WordPress sites using the SEO pack plugin are being advised to update the plugin as soon as possible to prevent security breaches.

It has been found that a logged in user of a site who has any sort of administrative privileges is able to alter the parameters of the plugin including changing the title of the SEO post and the description and keyword meta tags.

If these key functions of the plugin are changed it could have detrimental effects to the ranking of the posts within search engines which would ultimately defeat the object of the plugin in the first place.

Although this may not sound all too bad or scary for WordPress users it has also been discovered that this same bug can then be used to execute malicious Javascript code on the control panel which could potentially lead to massive security problems on the site.

Luckily it is very easy to sort out this security problem and anyone using the All in One SEO Pack plugin simply has to update the version that they are using to be able to remove the bug.

In the past WordPress sites have been seen as a popular target for hackers who are able to exploit users who are running with third party components including plugins and themes.

Keeping up to date with all updates for your WordPress site is essential as many are put in place to rectify security issues.  When you see updates from WordPress you are advised to active these but also look out for updates being issued by the makers of the plugins that you may be using on your WordPress site to ensure that you keep your site secure and safe and do not succumb to any avoidable security risks.

Share on Pinterest

Share this article

Comments are closed.