Wednesday, 13 July 2016

New Vulnerability in All in One SEO Pack Plugin 2.3.7 and earlier

Yesterday morning Panagiotis Vagenas, a Wordfence Security Researcher, discovered a new vulnerability in the All in One SEO Pack WordPress plugin. This is in addition to another serious vulnerability we wrote about yesterday morning in the same plugin.
As detailed yesterday, All in One SEO Pack is an extremely popular plugin with over 1,000,000 active installs. Both free and Premium Wordfence users with the firewall enabled had partial protection at the time we discovered this new vulnerability.