All In One SEO Plugin Patches Severe Vulnerabilities

The All In One SEO plugin has patched a set of severe vulnerabilities that were discovered by the Jetpack Scan team two weeks ago. Version 4.1.5.3, released December 8, includes fixes for a SQL Injection vulnerability and a Privilege Escalation bug.

Marc Montpas, the researcher who discovered the vulnerabilities, explained how they could be exploited:

If exploited, the SQL Injection vulnerability could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).The Privilege Escalation bug we discovered may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

The Common Vulnerability Scoring System (CVSS) gave the vulnerabilities High and Critical scores for exploitability.

Montpas explained that All In One SEO failed to secure the plugin’s REST API endpoints, allowing users with low-privileged accounts (such as subscribers) to bypass the privilege checks and gain access to every endpoint the plugin registers. This includes a particularly sensitive htaccess endpoint, which is capable rewriting a site’s .htaccess file with arbitrary content. Montpas said an attacker could abuse this feature to hide .htaccess backdoors and execute malicious code on the server.

All in One SEO is active on more than 3 million WordPress sites, and every version of the plugin between 4.0.0 and 4.1.5.2 is affected and vulnerable. Users with automatic updates enabled for minor releases should already have the patch since it was released six days ago. For those who are updating manually, the Jetpack Scan team recommends users within the affected range update to the latest version as soon as possible.

Category: News, Plugins

Tags: security
Share this:Click to email this to a friend (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on Twitter (Opens in new window)Click to share on Telegram (Opens in new window)Click to share on WhatsApp (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on Reddit (Opens in new window)Like thisLike Loading…

Share:

Facebook
Twitter
Pinterest
LinkedIn

Leave a Comment

Your email address will not be published.

Table of Contents

On Key

Related Posts

Best Google Maps Plugins for WordPress

Before we start looking at any plugins, it’s good to review the way Google Maps work. There are several components in the Google Maps API family, all of which can be found on the Google Maps API Family page. When working with WordPress, we are mainly interested in two of these APIs: Static Maps APIMaps

How to Get a Custom Field Value via Shortcode

Sometimes we want to make it easy for site administrators to include the value of a custom field (maybe created as part of a custom meta box) into a post. An ideal solution to this challenge is to use shortcodes. You can either do this through these two plugins: Get Custom Field Values Custom Fields

Best Auto Translation Plugins for WordPress

Having the content of your website available in different languages can mean a much bigger audience for you. A very simple way to do this is to provide automatic translators, they’re not the same as manually translating all your content, but do a pretty good job. It’s better to have an automatic translation plugin than

Best WordPress Multilanguage Plugins

The two main contenders as best multilanguage plugins for WordPress are WPML and QTranslate. If you want a quick answer to which one comes out on top, I would say go for WPML. If you have enough time to give them a test drive, by all means, do so and judge for yourself which one