The popular one additional WordPress All in One SEO has two vulnerabilities (CVE-2021-25036 and CVE-2021-25037), which make many thousands of websites vulnerable. If useste plugin, you should look for an updated version immediately, otherwise, it's like waiting to be hacked.
All in One SEO is a WordPress plugin released in 2007. We avoid such add-ons as the devil incense.
Why; There are many reasons, but we will mention three:
If a site doesn't have a notable content, an SEO plugin will do nothing, on the contrary if its content is interesting and possibly unique, the website will be found in the search engines.
Second, complex SEO add-ons (see AIO SEO, Yoast) suffer again and again from weaknesses and malfunctions and this has attracted attention. So it will be good for your site to use as few WordPress plugins as possible.
Thirdly, this plugin has been purchased by the owner of Wpbeginner, a well-known site that supposedly offers advice to WordPress friends, but actually promotes its own expensive products. Of course, you can live without them, but the way they are presented to beginners and ignorant makes them extremely necessary.
The WordPress All in One SEO plugin has two critical vulnerabilities security σε παλαιότερες εκδόσεις. Ο ερευνητής ασφάλειας της Automattic, Marc Montpas, ανακάλυψε και ανέφερε τα κενά ασφαλείας CVE-2021-25036 and CVE-2021-25037.
The developers of the plugin released version 4.1.5.3 with a security patch 14 days ago. Therefore, those who use the add-on should inform immediately. There are currently about 800.000 users who have not updated.