As reported by the team at WordFence, the All in One SEO Pack flaw allowed authenticated users the ability to inject malicious scripts that could be executed if a victim accessed the wp-admin panel’s ‘all posts’ page.

What should you do?

Update the All in One SEO Pack plugin from the WordPress repository immediately.

How can you avoid future problems?

Staying up to date on plugins, themes and WordPress core is crucial for securing your website.  Learn more about our WordPress care plans and maintenance to help you stay out of trouble.