With content management system like WordPress, anybody can design a website today. Business are creating their own websites and promoting it through SEO and social media. However, without in-depth web designing expertise, people often make some major design flaws. These errors can have an adverse effect on their search engine optimization process.
SEO Pack & Secure | image credit – tailored4wp.com
One such mistake would be not updating their All-In-One SEO Pack WordPress plugin for their website. Such plug-ins don’t update themselves thus putting your site at risk. Recently, Sucuri “a well renowned web security agency disclosed two major vulnerabilities within the plugin.
Sucuri urged the WordPress user to update their All-In-One SEO Pack plugin. According to them, if your site provides logins to non-users or it offers subscriptions or multiple author features then it is “At Risk”. If this plugin is not updated then it can have a negative impact on open registration sites.
Sucuri audited the code and detected two serious security bugs that allow intruders (hackers) to carry out cross site scripting (XSS) attacks and authorized escalation. Due to these flaws, attackers can not only add and modify certain parameters but also upgrade their privileges. They can also add malware programs in the administration panel.
Solution for this problem :
If you are a WordPress admin and your site allows open registrations to subscribers, authors and non-admin then you must update your old All-In-One SEO Pack plugin version to the new 2.1.6 version.
After this announcement, many websites have ditched “All-In-One SEO Pack” and moved on to “WordPress SEO by Yoast”. So, this Yoast plugin remains bug-free and secure. This makes it a perfect alternative.
To learn more about WordPress SEO, read this post by Yoast. It is totally acceptable if you don’t prefer switching and want to stick to the All-In-One SEO Pack. Just don’t forget to update it and fix the problem.