Warning: Vulnerability discovered in Yoast SEO WordPress plugin

Yoast SEO v3.2.4 and earlier versions have a security vulnerability that can give people access to your SEO settings.

Chat with MarTechBot

wordpress-logo-1920

WordPress and Yoast SEO users: If you do not have the most recent version of the Yoast SEO plugin, grab it now. Last Friday, it was discovered that Yoast SEO versions 3.2.4 and earlier would allow anyone who has “subscriber” level access to your WordPress site to download your Yoast SEO settings.

What this means is that it would be easy for someone to get into open sites to access your potentially confidential SEO settings just by creating an account and exploiting the vulnerability.

The bug was reported last week and has already been patched. However, it does affect all earlier versions of the plugin, so it is highly recommended that you upgrade to ensure that you do not expose your Yoast SEO data to unscrupulous snoops.

The plugin can be downloaded from the WordPress plugin repository or directly from Yoast’s website.


Opinions expressed in this article are those of the guest author and not necessarily MarTech. Staff authors are listed here.


About the author

Tamar Weinberg
Contributor
Tamar Weinberg is a professional hustler and author of The New Community Rules: Marketing on The Social Web. She blogs about all things tech, productivity, and social media customer success at Techipedia. She can be found on Facebook, Twitter, and LinkedIn, among other sites.

Get the must-read newsletter for marketers.