Bowler Hat is a Local SEO consulting & SEO Audit company that helps you win online

WordPress All in One SEO Plugin Vulnerability

Hey folks, there is a recently announced vulnerability affecting the popular All in One SEO Pack plugin. It allows a registered user of any level to escalate their privileges to administrator, and from there on in they pretty much have an open book.

Hey, I’m over here, hack me!

Frustratingly, the All in One SEO Pack plugin outputs a generator tag that announces its version number. So before long some enterprising asshole hacker will likely cobble together a scanner that picks out sites running a vulnerable version, and we will see infection rates rocket.
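If you manage a lot of sites and want to find the ones advertising a plugin version before the bad guys do, you can run the same check the scanner would. The Python below is an added example written for this post, not code from Bowler Hat or from the plugin. The exact markup the plugin emits is not quoted in the post, so the scanner looks at both `<meta name="generator">` tags and HTML comments that name the plugin; the sample pages are constructed for the demo, and the `2.1.6` fixed version is a placeholder you should replace with the number from the plugin's own changelog.

```python
"""Check fetched WordPress HTML for an advertised All in One SEO Pack version.

Added example for the Bowler Hat post; not the plugin's code. The markup
the plugin uses is assumed here (meta generator tag or HTML comment).
"""
import re
from html.parser import HTMLParser

# The plugin name followed by a dotted version, e.g. "All in One SEO Pack 2.1.4".
# The banner format is an assumption, not quoted from the plugin.
VERSION_RE = re.compile(r"All in One SEO Pack\s+v?(\d+(?:\.\d+)+)", re.IGNORECASE)

FIXED_VERSION = "2.1.6"  # placeholder: take the real number from the plugin changelog


class _GeneratorScanner(HTMLParser):
    """Collects <meta name="generator" content="..."> values and HTML comments."""

    def __init__(self):
        super().__init__()
        self.banners = []

    def handle_starttag(self, tag, attrs):
        # attrs arrives as a list of (name, value) pairs; <meta .../> also lands here.
        if tag.lower() != "meta":
            return
        a = dict(attrs)
        if (a.get("name") or "").lower() == "generator" and a.get("content"):
            self.banners.append(a["content"])

    def handle_comment(self, data):
        # Plugins often leave a "<!-- Plugin X.Y.Z -->" banner instead of a meta tag.
        self.banners.append(data)


def find_aioseo_version(html):
    """Return the advertised plugin version string, or None if it is not disclosed."""
    scanner = _GeneratorScanner()
    scanner.feed(html)
    for text in scanner.banners:
        m = VERSION_RE.search(text)
        if m:
            return m.group(1)
    return None


def parse_version(v):
    """'2.1.10' -> (2, 1, 10), so that comparisons are numeric, not lexical."""
    return tuple(int(p) for p in v.split("."))


def is_below(version, fixed_version):
    """True when `version` is older than `fixed_version` (2.1.9 < 2.1.10 holds)."""
    return parse_version(version) < parse_version(fixed_version)


def audit_sites(pages, fixed_version=FIXED_VERSION):
    """pages: {hostname: html}. Returns {hostname: (version or None, needs_update)}."""
    report = {}
    for host, html in pages.items():
        v = find_aioseo_version(html)
        report[host] = (v, v is not None and is_below(v, fixed_version))
    return report


# Constructed sample pages for the demo; these are not real sites.
SAMPLE_PAGES = {
    "old.example": '<html><head><meta name="generator" content="All in One SEO Pack 2.1.4" /></head><body></body></html>',
    "comment.example": "<html><head><!-- All in One SEO Pack 2.0.9 by Example --></head><body></body></html>",
    "new.example": '<html><head><meta name="generator" content="All in One SEO Pack 2.1.6" /></head><body></body></html>',
    "other.example": '<html><head><meta name="generator" content="WordPress 3.9" /></head><body></body></html>',
}

if __name__ == "__main__":
    for host, (version, needs_update) in audit_sites(SAMPLE_PAGES).items():
        print(f"{host}: {version or 'not disclosed'} {'UPDATE' if needs_update else 'ok'}")
```

Fetching the HTML is left out so the example runs offline; in practice you would pull each site's front page with `urllib.request` and feed it to `audit_sites`. Two things worth noting: the version compare is numeric, so `2.1.10` correctly sorts after `2.1.9` (a plain string compare gets that wrong), and a site that reports nothing is not thereby safe, it just is not advertising. Removing the generator tag hides the version from a lazy scanner but does not fix the hole; only the update does.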

SEO Implications

The SEO implications are stark. Depending on what the attacker decides to do, you may see your visitors infected, which is not a great present for your loyal or soon-to-be customers. Worse still, your site may end up behind a warning page, placed in front of it by the web browser or by Google search, telling visitors to turn back. These warning pages have become increasingly hard to click past (if anyone would even want to), so you see an interruption to organic traffic and PPC traffic, and recently we have seen local results decoupled from the site, with users sent directly to the Google+ page instead. If the problem persists for a week or more you can see a serious impact on your online visibility, which hits you where it hurts: in the pocket!

Cleaning up after an infection is no joke either. Sites are often reinfected through backdoors and other footholds the attacker left behind, so removing the visible payload alone is rarely enough.

The best defence…

The best defence is a good offence, and here that means regular (daily) backups, updating plugins as soon as new versions are released, and keeping WordPress itself up to date. There are further steps you can take to harden a WordPress installation, and bolting on security monitoring, so you know the minute a file on the site changes or a vulnerability is announced for something it runs, is a sensible approach: insurance for your visibility. (Check out our SEO Armour Service for a comprehensive security monitoring, clean-up and backup system that takes care of security on WordPress or any other CMS.)

A Simple Fix

Fortunately, this one has a simple fix: update the plugin to the latest version and sleep easy at night. One caveat: the update closes the hole but does not undo anything an attacker did before you patched, so if untrusted users have been able to register on the site, also check the Users list for administrator accounts you did not create.

Stay Safe, Stay Secure, Stay in Business!

There is some pretty nasty malware out there at the moment and attackers are going to be looking for new ways to distribute it; don't let your site become one of the zombies! If you need help with security, drop a comment below or give us a shout, and share this post so everyone using All in One SEO Pack gets updated.


Marcus Miller

I am an SEO Consultant based in Birmingham UK and with clients all over the world. I have been working in and around search for 15 years and currently focus on SEO Consulting, Website Consulting, Local SEO and Technical SEO Audits.

Comments (4)

  • Warwick

    Thanks for the heads up Marcus! Now to try and remember which of our 100's of sites has it installed! Grrrrr!

    • Marcus Miller

      Yep, it's a nasty one as well, so it's off to manual audit land you go! *cough* it's no Yoast WordPress SEO anyhow *cough* :)

  • Andy Kinsey

    Great post Marcus, security should be paramount for any transactional website today. Despite all my efforts I still get people pounding my site. I found a better result than a plugin like WordFence: I use a Web Application Firewall (WAF) called cloudproxy, which acts as a stopping gate such that anyone not whitelisted can't send requests to wp-admin nor try to send PHP into a URL etc. Very cool and actively updated. Much less stressful than a plugin too, which may not always be updated instantly.

    • Marcus Miller

      Hey Andy

      Hey, great point. We run security for a bunch of client sites (mainly WordPress) and we use a combination of various solutions. Sometimes something local like WordFence, but more often than not a mixture of solutions: blacklist monitoring, Web Application Firewall etc. Really, our drive here is search visibility and business continuation, so we also crawl the site, check for technical gotchas and, would you believe it, just keeping plugins and WordPress core up-to-date can be a big help!

      We have seen so many sites hacked and have problems, and it is usually due to the basics not being done *cough* update your plugins people *cough*.

      Cheers!
      Marcus