Msg#: 4676822 posted 2:05 pm on Jun 2, 2014 (gmt 0)
Researchers from Web security firm Sucuri found two flaws in a plug-in called “All in One SEO Pack” that potentially allow attackers with access to non-administrative WordPress accounts to elevate their privileges and inject malicious code into the administration panel.
WordPress site administrators are advised to upgrade the “All in One SEO Pack” plug-in to version 2.1.6 which was released Sunday in the WordPress add-ons repository. An update can also be initiated from the plug-in’s administration panel.
The flaws allowed hackers to launch privilege escalation and cross site scripting attacks against vulnerable sites running old versions below 2.1.6. The plugin has been downloaded nearly 19 million times.
Msg#: 4676822 posted 10:44 pm on Jun 2, 2014 (gmt 0)
Ha! Nope, no way. Omg, my leg's been pulled. :P Actually I'm anti-SEO packs. I just don't see the point of it.
I was checking the All in One WP download page to see which of the two it was, Yoast or the other one. Saw a link to the twitter page for the creator of it and was shocked to see he had nothing on his twitter stream on it.
Msg#: 4676822 posted 12:25 am on Jun 3, 2014 (gmt 0)
There is no addon or pack out there that can do a better job than applying changes manually to your own themes, the only limit is your knowledge and imagination.
I've disliked Wordpress's approach of saying "the SEO is fine" when guys like Matt Cutts and places like Webmaster Tools tell you that you should probably modify your titles etc. If Wordpress covered the basics then there would be less need for addons and modifications. It's time, wordpress.