Older versions of the popular WordPress All-In-One SEO plugin contain a vulnerability that allows an attacker to store malicious code in the admin panel that could potentially help him to take over the management of the site.
This plug-in (All in One SEO) helps page managers improve SEO (Search Engine Optimization) with too many settings.
One of these settings is called Bot Blocker and it allows administrators to decide which search engine is allowed to access their website. This setting is disabled by defaultchoice, so there is no need to worry about them users of the plugin.
If now someone uses this feature, according to security researcher David Vaartjes, the plugin records these bot visits, without cleaning the text present in the User Agent.
So if an attacker can change these characteristics by attaching malicious code, (if of course it knows which bot is blocked on the site) then the attack is successful.
Although many parameters must be matched to successfully complete the attack, do not wait, upgrade to the next version…
