If you have the very popular WordPress plugin “All in One SEO Pack” installed on your WordPress Blogsite, please take a moment and update it.
What’s the problem?
A serious vulnerability has been found in the 4th most downloaded plugin, “All in One SEO Pack”. The vulnerability is highly techie, so I will just say this, an attacker can take over full control of your site. This applies to those who have the plugin active and who have not updated the plugin since July 12, 2016 and have the “Track Blocked Bots” setting enabled, which is by default disabled.
What to do about it
Update the plugin to the latest version (2.3.8). “All in One SEO Pack” plugin updated on July 12, 2016 contains the fix.
I suggest updating the plugin even if you do not have the “Track Blocked Bots” setting enabled. Better to be safe than sorry.