
All In One SEO Plugin Patches Severe Vulnerabilities – WP Tavern


The All In One SEO plugin has patched a set of severe vulnerabilities that were discovered by the Jetpack Scan team two weeks ago. Version 4.1.5.3, released December 8, includes fixes for a SQL Injection vulnerability and a Privilege Escalation bug.

Marc Montpas, the researcher who discovered the vulnerabilities, explained how they could be exploited:

If exploited, the SQL Injection vulnerability could grant attackers access to privileged information from the affected site’s database (e.g., usernames and hashed passwords).

The Privilege Escalation bug we discovered may grant bad actors access to protected REST API endpoints they shouldn’t have access to. This could ultimately enable users with low-privileged accounts, like subscribers, to perform remote code execution on affected sites.

The Common Vulnerability Scoring System (CVSS) gave the vulnerabilities High and Critical scores for exploitability.

Montpas explained that All In One SEO failed to secure the plugin’s REST API endpoints, allowing users with low-privileged accounts (such as subscribers) to bypass the privilege checks and gain access to every endpoint the plugin registers. This includes a particularly sensitive htaccess endpoint, which is capable of rewriting a site’s .htaccess file with arbitrary content. Montpas said an attacker could abuse this feature to hide .htaccess backdoors and execute malicious code on the server.
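For plugin developers, the defensive pattern the article points at is the `permission_callback` on every registered REST route. The following is an added example, not code from All In One SEO or from WP Tavern: it shows a check that lets any logged-in user through beside one that requires administrator-level capability and confines the write to a marked block. The `example/v1` namespace and all `example_*` function names are hypothetical.

```php
<?php
// Added example, not All In One SEO code. Route namespace, marker text
// and function names are hypothetical.

// Weak check: every logged-in user, subscribers included, passes it, so a
// low-privileged account could reach an endpoint that edits server config.
function example_weak_permission( WP_REST_Request $request ) {
    return is_user_logged_in();
}

// Hardened check: require an administrator-level capability and return the
// correct status (401 for anonymous, 403 for authenticated) on failure.
// Cookie-authenticated REST calls must also carry a valid X-WP-Nonce, or
// WordPress treats the caller as logged out and current_user_can() fails.
function example_strict_permission( WP_REST_Request $request ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error(
            'rest_forbidden',
            'Insufficient privileges to modify server configuration.',
            array( 'status' => rest_authorization_required_code() )
        );
    }
    return true;
}

// The handler re-checks the capability (defence in depth) and writes only
// between "# BEGIN Example Plugin" / "# END Example Plugin" markers via
// insert_with_markers(), so it can never replace the whole .htaccess file.
function example_write_htaccess( WP_REST_Request $request ) {
    if ( ! current_user_can( 'manage_options' ) ) {
        return new WP_Error( 'rest_forbidden', 'Forbidden', array( 'status' => 403 ) );
    }
    require_once ABSPATH . 'wp-admin/includes/file.php'; // get_home_path()
    require_once ABSPATH . 'wp-admin/includes/misc.php'; // insert_with_markers()
    $lines = preg_split( '/\r\n|\r|\n/', (string) $request->get_param( 'content' ) );
    $ok    = insert_with_markers( get_home_path() . '.htaccess', 'Example Plugin', $lines );
    return rest_ensure_response( array( 'updated' => (bool) $ok ) );
}

add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/htaccess', array(
        'methods'             => WP_REST_Server::EDITABLE,
        'callback'            => 'example_write_htaccess',
        'permission_callback' => 'example_strict_permission', // never example_weak_permission
        'args'                => array(
            'content' => array( 'required' => true, 'type' => 'string' ),
        ),
    ) );
} );
```

Reviewing a plugin for this class of bug means reading every `register_rest_route()` call and asking whether its `permission_callback` actually tests a capability rather than mere login state.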

All in One SEO is active on more than 3 million WordPress sites, and every version of the plugin between 4.0.0 and 4.1.5.2 is affected and vulnerable. Users with automatic updates enabled for minor releases should already have the patch since it was released six days ago. For those who are updating manually, the Jetpack Scan team recommends users within the affected range update to the latest version as soon as possible.


Written by:
Abdul Wahid
Published on:
December 15, 2021

Categories: Plugins
