WordPress Vulnerability

WordPress SEO Plugin by Yoast Vulnerability

There is a blind SQL injection vulnerability that has been discovered in the popular WordPress SEO Plugin by Yoast, which could result in your site being compromised if you have an outdated version installed (1.7.3.3 or older). More details and examples of how an attacker could use this vulnerability to get into your site can be found in the WPScan Vulnerability Database.

As shown on WordPress.org, you can see almost half of Yoast’s users are using a version below 1.7:

Snap 2015-03-12 at 09.24.47

Yoast released version 1.7.4 of their plugin yesterday, which addresses this problem. If you are using version 1.7.3.3 or lower we recommend updating the plugin immediately in order to secure this particular vulnerability.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *