Security researchers have discovered vulnerabilities in a All in One SEO Pack WordPress…

June 2, 2014 by Paul Spoerry 4 Comments

Security researchers have discovered vulnerabilities in a All in One SEO Pack WordPress extension that leaves sites susceptible to remote hijacking.
Update your #WordPress sites if you use this plugin folks!

Bugs in widely used WordPress plug-in leave sites vulnerable to hijacking
All in One SEO Pack gives unprivileged users admin powers.

View this post on Google+

About Paul Spoerry

I’m a groovy cat who’s into technology, Eastern Thought, and house music. I’m a proud and dedicated father to the coolest little guy on the planet (seriously, I'm NOT biased). I’m fascinated by ninjas, the Internet, and anybody who can balance objects on their nose for long periods of time.

I have a utility belt full of programming languages and a database of all my knowledge on databases... I practice code fu. Oh, I've also done actual Kung Fu, and have a black belt in Tae Kwon Do.

I run. I meditate. I dance. I blog at PaulSpoerry.com, tweet @PaulSpoerry, and I'm here on Google+.

I'm currently work for IBM developing web enabled insurance applications for IBM and support and develop a non-profit called The LittleBigFund.

Comments

David Ford says

June 3, 2014 at 2:33 am

the daily wordpress vulnerability? :}
Paul Spoerry says

June 3, 2014 at 2:15 pm

Considering WordPress powers about 20% off all websites on the Internet it's a pretty big target.
David Ford says

June 3, 2014 at 8:24 pm

as a security and forensics guy and speaking from experience with monitoring our webhosting datacenters around the world — as a normal thing, wp, wp plugins and tools have some of the lowest quality code in existence. it's not that it's a big target because it's popular, it's a big target because the security of wp itself and wp plugins is just really awful.
Paul Spoerry says

June 3, 2014 at 9:54 pm

I'd wager that it's more on the plugin end of things; but that's just from my past experience.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About Paul Spoerry

Comments

Leave a Reply