
800K WordPress sites still impacted by critical SEO plugin flaw
2021-12-21 19:25

Two security vulnerabilities in the highly popular "All in One" SEO WordPress plugin, one rated critical and one high severity, exposed over 3 million websites to takeover attacks.

The flaws, discovered and reported by Automattic security researcher Marc Montpas, are an authenticated privilege escalation bug (rated critical) and an authenticated SQL injection (rated high severity).

According to download statistics for the two weeks since the patch was released, more than 820,000 sites using the plugin have yet to update their installation and remain exposed to attacks.

Subscriber is the lowest-privileged default WordPress user role, commonly enabled so that registered users can comment on articles published on the site; an account at that level is enough to reach the privilege escalation bug.

WordPress admins urged to update ASAP

As Montpas revealed, escalating privileges through CVE-2021-25036 is trivial on sites running an unpatched All in One SEO version: changing a single character of the requested REST API route to uppercase bypasses all of the plugin's privilege checks.
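The bypass pattern described above, modelled as an added example. This is not the plugin's own code: it reproduces the weakness class the CVE is filed under (CWE-178, a permission table keyed on an exact, case-sensitive route string while the router matches routes case-insensitively) and one way to close it. The route names, capability names and users are hypothetical, constructed for the example; the fail-closed fix shown is a generic hardening, not necessarily the change shipped in 4.1.5.3.

```python
import re

# Constructed route table (hypothetical routes, not the plugin's real ones):
# registered REST route -> capability a caller must hold, None = public.
ROUTE_CAPABILITIES = {
    "aioseo/v1/htaccess": "manage_options",
    "aioseo/v1/settings": "manage_options",
    "aioseo/v1/ping": None,
}

# Constructed users: WordPress role -> capabilities it carries.
USERS = {
    "admin": {"manage_options", "read"},
    "subscriber": {"read"},
}


def resolve_route(requested: str):
    """Mimic WP_REST_Server::dispatch(), which matches the request path
    against each registered route with a case-insensitive regex, so
    'aioseo/v1/Htaccess' still reaches the handler for 'aioseo/v1/htaccess'.
    Returns the registered route or None."""
    for registered in ROUTE_CAPABILITIES:
        if re.fullmatch(registered, requested, re.IGNORECASE):
            return registered
    return None


def vulnerable_check(role: str, requested: str) -> bool:
    """Vulnerable pattern (CWE-178): the permission check looks the raw
    request path up with an exact, case-sensitive key. A path that is not
    in the table is treated as needing no capability, so one uppercase
    character turns a privileged route into an 'unlisted' one and the
    check falls open."""
    needed = ROUTE_CAPABILITIES.get(requested)
    if needed is None:
        return True
    return needed in USERS[role]


def hardened_check(role: str, requested: str) -> bool:
    """Hardened pattern: resolve the request to the registered route the
    same way the router does, look that up, and fail closed on anything
    that does not resolve."""
    registered = resolve_route(requested)
    if registered is None:
        return False
    needed = ROUTE_CAPABILITIES[registered]
    return needed is None or needed in USERS[role]


def handle(check, role: str, requested: str) -> str:
    """Simulate a request: the router picks the handler case-insensitively,
    the permission check decides whether it runs."""
    registered = resolve_route(requested)
    if registered is None:
        return "404"
    if not check(role, requested):
        return "403"
    return f"200 handler for {registered}"


if __name__ == "__main__":
    for path in ("aioseo/v1/htaccess", "aioseo/v1/Htaccess"):
        print(path,
              "| vulnerable:", handle(vulnerable_check, "subscriber", path),
              "| hardened:", handle(hardened_check, "subscriber", path))
```

The point of the model is the mismatch between two lookups: the router resolves `Htaccess` to the `htaccess` handler, while the permission table never sees that handler's name. Any check that is keyed on attacker-controlled text must canonicalise it the same way the component it protects does, and unknown inputs must deny rather than allow.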

WordPress admins still running an All In One SEO version affected by these vulnerabilities and who have not yet installed the 4.1.5.3 patch are advised to update immediately. The installed version is shown on the Plugins screen in wp-admin, or with WP-CLI via `wp plugin list --name=all-in-one-seo-pack`.

News URL

https://www.bleepingcomputer.com/news/security/800k-wordpress-sites-still-impacted-by-critical-seo-plugin-flaw/

Related Vulnerability

Date: 2022-01-17
CVE: CVE-2021-25036
Title: Improper Handling of Case Sensitivity vulnerability in Aioseo ALL in ONE SEO
Description: The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered during an internal audit by the Jetpack Scan team, and may grant bad actors access to protected REST API endpoints they shouldn't have access to.
Attack vector: network, low attack complexity
Vendor: aioseo
Weakness: CWE-178 (Improper Handling of Case Sensitivity)
Risk (CVSS base score): 8.8

Related vendor

VENDOR      LAST 12M / #PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
Wordpress   7                      2     93       44     18         157
Plugin      2                      0     13       1      0          14