After the discovery of a security flaw in the hugley popular 'All in One SEO Pack' plugin for WordPress, a secure version has now been made and is available for download.
As an IT Support Company in Hertfordshire we know how popular the WordPress platform is among our customers and the plug-ins are a popular, helpful, and cost saving aspect of it. In fact WordPress is the most popular CRM style website platform, used by 26% or all websites and the All in One SEO Pack” has been downloaded by 30 million users and is estimated to be in use now in a million websites. This is what makes the matter of a a flaw in the code of that plugin such a serious matter.
Problem With The Plugin
A 'Bot Blocker’ component was used in the plug-in to detect and block spam bots based on their user agent and referrer header values, and it was in this element that the vulnerability was discovered.
Exploiting Code Flaw
The seriousness of flaws in some aspects of WordPress has been highlighted several times in recent years such as when 26,000 WordPress websites with the Pingback function enabled were used as part of a botnet to launch DDoS attacks on other websites back in February this year.
What Does This Mean For Your Business?
The discovery of this latest flaw means that if your business website is a WordPress website that has the All in One SEO Pack installed you will need to make sure that you upgrade to this to the latest 2.3.7. version as soon as possible (after Friday), or you can make sure that you don't have the Track Blocked Bots setting enabled in the website.