Rajesh Kumar

WordPress Updated Millions Of Yoast SEO Plugins Automatically

Post By Rajesh Kumar Post User March 13th, 2015 category Web Development comments no comments.

WordPress Updated Millions Of Yoast SEO Plugins Automatically

A day before yesterday, WordPress updated over 1 million Yoast Plugins citing virus attack and vulnerability. They said that over a millions website were at risk of being hacked, so this immediate update was inevitable. The company added that the SEO plug-in, used by over 14 million blogs, was vulnerable to a serious blind SQL injection attack.

The vulnerability was so severe that it allowed attackers to manipulate a site’s database injecting malicious code into the source code. A security researcher has discovered this blind SQL injection vulnerability that affected versions 1.7.3.3 and older of WordPress SEO by Yoast.

The WordPress said:
This morning we released an update to our WordPress SEO plugin (both free and premium) that fixes a security issue. A bit more details follow below, but the short version of this post is simple: update. Now. Although you might find your WordPress install has already updated for you.

Because of the seriousness of the threat, WordPress worked with Yoast to a automatically push updates to those using his plugin. This is how update took place:

  • running on 1.7 or higher, you’ll have been auto-updated to 1.7.4.
  • If you were running on 1.6.*, you’ll have been updated to 1.6.4.
  • If you were running on 1.5.*, you’ll have been updated to 1.5.7.

If you're using any version lower than that, your website won't be updated automatically.

-WordPress Updated Yoast SEO Plugins


Comments are closed.