15 Million Vulnerable to All in One SEO Pack Bug

All-in-one-SEO Pack hack fixed


Yesterday the vulnerability was announced. If you’re a RealBasics maintenance client using All in One SEO Pack your site is already protected and the plugin fixed.

Today, All in One SEO Pack plugin team has released an emergency security update that patches two critical privilege escalation vulnerabilities and one cross site scripting (XSS) flaw, discovered by security researchers at Sucuri, a web monitoring and malware clean up service.

More than 73 million websites on the Internet run their websites on the WordPress publishing platform and more than 15 million websites are currently using All in One SEO Pack plugin for search engine optimization.

Source: Hacker News, Security in a Serious Way

Don’t get us wrong: All in One SEO Pack is a great tool backed by responsive developers so they released an update that closes the vulnerability very quickly.  The risk is that current users may not get the message, log into their websites, and perform the update.  Keeping your software up to date and security scanned are just two of the core benefits we offer hear at RealBasics.com.

If you’d like this kind of coverage give us a call – (206) 390-8082.


David Innes, RealBasics.com

I've been building and maintaining websites since 1997 and building and supporting similar hypertext-driven software since 1987. I've done maintenance, support, and maintenance for physical and digital systems since 1981. And no, I still haven't seen it all but by now I usually know where to look. More about David Innes...