Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites
Security Risk: High
Exploitation Level: Easy
CVSS Score: 9.9 / 7.7
Vulnerability: Privilege Escalation, SQL Injection
Patched Version: 4.1.5.3
Last week, security researcher at Automattic Marc Montpas recently discovered two severe security vulnerabilities within one of the most popular SEO plugins used by WordPress website owners: All in One SEO. The plugin is used by more than three million websites and if left unpatched could cause some serious headaches for WordPress users.