The popular one additional WordPress All in One SEO έχει δύο τρωτά σημεία (CVE-2021-25036 και CVE-2021-25037), τα οποία καθιστούν πολλές χιλιάδες ιστοσελίδες ευάλωτες. Αν χρησιμοποιείτε το plugin, θα πρέπει να αναζητήσετε άμεσα μια ενημερωμένη έκδοση, διαφορετικά, θα είναι σαν να περιμένετε να σας hackάρουν.
All in One SEO is a WordPress plugin released in 2007. We avoid such add-ons as the devil incense.
Why; There are many reasons, but we will mention three:
If a site does not have relevant content, an SEO plugin will do nothing, otherwise if the content is interesting and possibly unique, the site will be in the search engines.
Second, complex SEO add-ons (see AIO SEO, Yoast) suffer again and again from weaknesses and malfunctions and this has drawn her caution. So it would be good to use as few WordPress plugins as possible on your site.
Thirdly, this plugin has been purchased by the owner of Wpbeginner, a well-known site that supposedly offers advice to WordPress friends, but actually promotes its own expensive products. Of course, you can live without them, but the way they are presented to beginners and ignorant makes them extremely necessary.
The WordPress All in One SEO plugin has two critical security vulnerabilities in older versions. Automattic security researcher Marc Montpas discovered and reported them security gaps CVE-2021-25036 and CVE-2021-25037.
The developers of the plugin released version 4.1.5.3 with a security patch 14 days ago. Therefore, those who use the add-on should inform immediately. There are currently about 800.000 users who have not updated.
