Serious Flaw Fixed In All in One SEO Pack WordPress Plugin..!
Serious Flaw Fixed In All in One SEO Pack WordPress Plugin..!

There is a serious stored cross site scripting (XSS) vulnerability in All in One SEO Pack Plugin versions 2.3.6.1 and older. This plugin is installed on over 1 million active websites and is extremely popular and widely used.

The vulnerability is in the plug-in's Bot Blocker functionality and can be exploited remotely by sending HTTP requests with specifically crafted headers to the website.

The vulnerability allows an attacker to send a malicious HTTP User-Agent or Referrer header to the site containing an XSS payload. If the administrator then visits their admin panel and views the “Bad Bot Blocker” settings page in this plugin, the attacker can take full control of their site.

The Bot Blocker feature is designed to detect and block spam bots based on their user agent and referer header values, according to security researcher David Vaartjes, who found and reported the issue.

This vulnerability is only exploitable on sites that have the “Track Blocked Bots” setting enabled. This setting is not enabled by default. There is no definitive data to indicate how many users of the plugin have enabled this feature. However, this plugin is extremely popular:
  1. All in One SEO Pack has been downloaded over 28 million times (this includes upgrades)
  2. It has been around for over 9 years
  3. It is one of the most downloaded WordPress plugins. But Akismet, Yoast SEO and Contact Form 7 have more downloads.

How to Prevent  :

If you're running a WordPress website and you have the hugely popular  plug-in installed, it's a good idea to update All in One SEO Pack  version 2.3.7  as soon as possible. The latest version released Friday fixes a flaw that could be used to hijack the site's admin account.

Bezoar Software  customers are already protected against exploitation of this vulnerability. We are offering a simple and hands off  WordPress maintenance service . We not only keep your WordPress website up to date, but we become a virtual team that handles many issues that may come up on your behalf.

Feel free to reach out to Bezoar Software via info@bezoarsoftware.com or 844-4-BEZOAR (844-423-9627) for details on the web design and development services that we offer.


More...

This vulnerability was discovered by David Vaartjes and you can find the full technical details of the vulnerability on his site.

A proof of concept has been published on exploit-db, which means this attack is already spreading.

This story has received coverage in the past few days from The RegisterWP Tavern,Softpedia.com and is on the Various Tech News Service which includes CIO.com ,PCWorld and ComputerWorld.