All In One SEO Plugin Patches Severe Vulnerabilities

The All In One SEO plugin has patched a set of severe vulnerabilities that were discovered by the Jetpack Scan team two weeks ago. Version 4.1.5.3, released December 8, includes fixes for a SQL Injection vulnerability and a Privilege Escalation bug.

Marc Montpas, the researcher who discovered the vulnerabilities, explained how they could be exploited:

If exploited, the SQL Injection vulnerability could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).

The Privilege Escalation bug we discovered may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

The Common Vulnerability Scoring System (CVSS) gave the vulnerabilities High and Critical scores for exploitability.

Montpas explained that All In One SEO failed to secure the plugin’s REST API endpoints, allowing users with low-privileged accounts (such as subscribers) to bypass the privilege checks and gain access to every endpoint the plugin registers. This includes a particularly sensitive htaccess endpoint, which is capable rewriting a site’s .htaccess file with arbitrary content. Montpas said an attacker could abuse this feature to hide .htaccess backdoors and execute malicious code on the server.

All in One SEO is active on more than 3 million WordPress sites, and every version of the plugin between 4.0.0 and 4.1.5.2 is affected and vulnerable. Users with automatic updates enabled for minor releases should already have the patch since it was released six days ago. For those who are updating manually, the Jetpack Scan team recommends users within the affected range update to the latest version as soon as possible.

3

3 responses to “All In One SEO Plugin Patches Severe Vulnerabilities”

  1. Zepth says:

    You are absolutely right. It is less secure plugin as well as not as much effective as Rank Math and Yoast SEO plugins.

    Report

  2. Neha says:

    Hi Sarah,

    Yes, it’s less secure. I think the Yoast plugin is best. Thanks for sharing this type of information. Keep posting

    Report

  3. Javier Cruz says:

    HELLO!
    I have always used Yoast SEO. I have never wanted to risk with All In One SEO. If something turns out well and you learn from the new Google changes, it is better to play it safe. But hey Google moves the floor to each intante lol.

    Thanks for the info.

    Report

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newsletter

Subscribe Via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

%d bloggers like this: