HomeNewsSecurity & VulnerabilityA vulnerability in the All-in-One SEO Put 3 million websites data at...
Security & VulnerabilityTechUpdate

A vulnerability in the All-in-One SEO Put 3 million websites data at risk

Riya
By Riya

-

Last Updated on 23/12/2021 by Riya

Marc Montpas, an Automattic security expert discovered two flaws in All in One SEO, a powerful WordPress SEO-optimization tool, that, when coupled into an attack chain, might make website owners vulnerable to site acquisition. Over 3 million sites employ the plugin.

Based on the most recent research at Sucuri, an adversary having an account on the site – including a subscriber, shopping account owner, or member – could leverage the power of the weaknesses, which are a privilege-escalation flaw and a SQL-injection vulnerability.

As per Sucuri, the flaws are ideal for the straightforward attack, thus users should switch to the patched version, v. 4.1.5.3.According to Sucuri experts, the flaw “may be leveraged by merely modifying a specific character of a query to upper-case.”

Riya
Riya
Riya is a technology enthusiast and an avid researcher. She writes about consumer tech, hacking, and technology consumer issues at TheDigitalHacker.
- Advertisment -

Must Read

Hive-Ransomware
News

The Resurgence of Hive Ransomware: Unveiling Hunters International Threat

Candeğer Şen - 0
Cybersecurity Threat Analysis Bitdefender experts have just revealed that they believe the notorious Hive Ransomware is making a comeback as Hunters International. The cyber threat...

Beginner’s Guide to Quantum Computing and the Future of Encryption in...

Cybersecurity

Learn About the Ethical Challenges Presented by Offensive Cybersecurity Operations and...

edge-ai

Challenges and Opportunities in Deploying AI Solutions in Edge Computing Environments

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

© Reserved 2023 | TheDigitalHacker