Wordpress Yoast Seo Plugin Vulnerability


Although WordPress started out as a simple blogging system, today it has developed into a complete content management system (CMS) that can be used only for blogging but for practically anything, with millions of people using it as a personal or business website. This is mostly due to the hundreds of plugins and widgets that are available for use. The freedom that WordPress has as a self-hosted platform implicates that you can use it to create any website, simple or complex, different blogs, and so much more, while being incredibly easy to use.
In order to achieve all this, WordPress uses many different plugins, especially when it comes to SEO. Search engine optimization (SEO) is one of the most important tools used to increase traffic on a website.
One of the best known plugins for SEO is the Yoast plugin. This plugin has over 14 million downloads as their website claims. It is a wide spread belief that your WordPress website will never have enough search engine optimization (SEO) if you do not have the WordPress SEO by Yoast plugin installed.
However, a huge flaw has been discovered in this plugin that might put your website in danger and cause leakage of confidential data.
How secure is SEO by Yoast?
Last week, an important Yoast vulnerability has been discovered which could have put millions of websites at critical risk to be attacked by hackers. This Yoast vulnerability was discovered by a developer of the WordPress vulnerability scanner Ryan Dewhurst, and it applies to almost every version of the plugins that go by the name "WordPress SEO by Yoast".
This vulnerability is called a Blind SQL injection, or SQLi, which could cause leakage of confidential information, deleting information, or modifying important data.
According to the Hacker News – " Basically in SQLi attack, an attacker inserts a malformed SQL query into an application via client-side input."
Explaining how a SQLi attack works!
An important thing to know is that not every user of the SEO by Yoast plugin can become a victim of hackers. Evidently, in order to abuse this Yoast vulnerability, the hacker will need the help of social engineering in order to trick authorized users which have access to the 'admin / class-bulk-editor-list-table.php' file (this is where the vulnerability is found) to click on a link. Authorized users which can access this file are the Admin, Editor, or Author privileged users. This means that the only way a hacker can use this flaw is if the authorized user is tricked into clicking a link (URL) which will then allow the hacker to create their own new admin account and mess up or abuse the WordPress site.
If the authorized user does not click on any dangerous urls, there's no risk of exploiting this recently discovered Yoast vulnerability.
This Yoast vulnerability has been found in most versions ending with the 1.7.3.3. version where two Blind SQL injection vulnerabilities were found.
What's the best way to protect your WordPress website?
When something like this comes up that puts at risk millions of websites out there, a quick solution is often necessary. Immediately after this information was spread all over the internet, many quick fix-ups were offered to users.
Luckily, the team of developers of the Yoast plugin managed to rapidly issue a new, fixed and improved version of the WordPress SEO by Yoast plugin. The latest version of WordPress SEO by Yoast 1.7.4 is now available for downloading and the developers promise that this version has " fixed possible CSRF and blind SQL injection vulnerabilities in bulk editor. "
The team of Yoast and Joost de Valk (the owner and creator of yoast.com) have issued a WordPress SEO Security release where it states that all the flaws have been fixed. Furthermore, there will be a forced automatic update due to the seriousness of this issue. This update will be available for both free and premium users.
However, if you are a WordPress administrator and you have the auto-update feature disabled, it is recommended that you immediately upgrade your WordPress SEO by Yoast plugin manually !!!
Source by Dobrica Nastova
The post WordPress – Yoast SEO Plugin Vulnerability appeared first on Managed WordPress Solutions Woocommerce Developer Web Design SEO Hosting.


Artikel ini hanyalah simpanan cache dari url asal penulis yang berkebarangkalian sudah terlalu lama atau sudah dibuang :

https://www.jonloh.com/wordpress-yoast-seo-plugin-vulnerability/

Kempen Promosi dan Iklan
Kami memerlukan jasa baik anda untuk menyokong kempen pengiklanan dalam website kami. Serba sedikit anda telah membantu kami untuk mengekalkan servis percuma aggregating ini kepada semua.

Anda juga boleh memberikan sumbangan anda kepada kami dengan menghubungi kami di sini
Onesignal Plugin Terbaik Untuk Push Notification Ke Wordpress

Onesignal Plugin Terbaik Untuk Push Notification Ke Wordpress

papar berkaitan - pada 13/4/2019 - jumlah : 411 hits
Statistik menunjukkan bahawa sebahagian besar daripada pengunjung laman web kita tidak pernah berkunjung semula ke laman web yang sama Kebanyakannya sekadar singgah sekali sahaja setelah menjumpai laman web kita melalui carian Google atau B...
Write Yoast Style For Online Seo Success

Write Yoast Style For Online Seo Success

papar berkaitan - pada 11/4/2019 - jumlah : 343 hits
Write yoast style on your blog and you ll learn the key components of popular SEO writing results that work anywhere you might write Yoast is a plugin for WordPress If you don t have it you might want to ask your webmaster to add it to your...
Pengertian Dan Jenis Jenis Seo

Pengertian Dan Jenis Jenis Seo

papar berkaitan - pada 8/4/2019 - jumlah : 287 hits
SEO merupakan bagian dari aktivitas blogging Apa itu SEO Apa saja jenis jenis SEO dan bagaimana menerapkannya di blog Posting ini mengulasnya secara ringkas SEO dilakukan agar blog cepat dan mudah terindeks Google Tujuan akhirnya adalah tra...
Seo Heartbeat Of A Website

Seo Heartbeat Of A Website

papar berkaitan - pada 17/4/2019 - jumlah : 207 hits
The term SEO which stands for Search Engine Optimization now rules the web world It is the SEO on which life of a website its growth prosperity and popularity depends entirely SEO is done by a group of highly skilled experts who with their ...
Apakah Seo Lebih Sulit Di 2019

Apakah Seo Lebih Sulit Di 2019

papar berkaitan - pada 21/4/2019 - jumlah : 216 hits
Search Engine Optimization adalah bagian dari aktivitas blogging Optimisasi ini diperlukan guna memenangi persaingan di indeks Google SEO Lebih Sulit di 2019 Google mengingingkan konten panjang dan berkualitas serta multimedia SEO lebih sul...
Top Wordpress Plugins To Install Right Now

Top Wordpress Plugins To Install Right Now

papar berkaitan - pada 21/4/2019 - jumlah : 251 hits
Given the huge variety of plugins available for WordPress I thought it would make sense to discuss my top WordPress plugins which I believe you should install right away A plug in is simply put a small software add on with a specific functi...
Dasar Dasar Seo Mengenal Sitemap Xml Dan Sitemap Html

Dasar Dasar Seo Mengenal Sitemap Xml Dan Sitemap Html

papar berkaitan - pada 19/4/2019 - jumlah : 217 hits
Penerapan Search Engine Optimization dalam blog harus diawali atau disertai dengan pemahaman tentang berbagai elemen Salah satunya tentang jenis jenis peta situs Sitemap adalah salah satu alat bantu untuk para webmaster yang mempermudah dal...
Siti Kasim Pas Loyalists Are Fools If They Fall For The Jihad Fundraising Drive To Save Siti Mastura S Skin

Ditch The Cubicle Your Home Office Guide

Kemalangan Di Lebuh Raya Utara Selatan Enam Mangsa Maut

Scammer Di Facebook

Apa Kuasa Myeg Ke Atas Worldcoin

Major Projects Will Make Sarawak An Asian Economic Force Says Premier

Final Call The Huawei Service Giving Season Ends On 31 December 2024

Petua Kesihatan Untuk Orang Yang Sudah Berusia


echo '';
Info Dan Sinopsis Drama Berepisod Curang Tanpa Niat Slot Megadrama Astro Ria

5 Insiden Jalan Sesak Yang Berlaku Lebih 24 Jam Durasinya

Senarai Lagu Tugasan Konsert Minggu 6 Gegar Vaganza 2024 Musim 11

Keputusan Markah Peserta Konsert Minggu 5 Gegar Vaganza 2024 Musim 11

10 Filem Drama Seram Melayu Berhantu Terbaru 2024 2025 Mesti Tonton


Raih Gigi Putih Alami Dengan 7 Bahan Sederhana Ini

5 Rahasia Mata Sehat Yang Direkomendasikan Pakar Mata

7 Tanda Kerusakan Otak Yang Kerap Dianggap Remeh

Kawal Alergik Bila Alahan

Petua Kesihatan Untuk Orang Yang Sudah Berusia

Indah Delvia Tacilak Di Nan Rami Chord