All In One SEO is a WordPress plugin that provides search engine optimization tools for content creators. It is a WordPress plugin that helps you improve your website SEO (search engine optimization). With the plugin, you to easily add title tags, meta descriptions, keywords, and other elements that are important for on-page SEO optimization. It is one of the most popular WordPress SEO plugins with over 3 million active installs.
Unfortuntely, some versions of this plugin do not protect the site titles, meta descriptions and other things that you enter when you make a new post or page, or when you change the plugin settings. This means that users who can write posts, like contributors, can put bad code into those things, and that code will run in the browser of any logged-in user, like a site’s administrator, who edits such a post or page.
Here is a summary of All In One SEO Patches Multiple Stored XSS Vulnerabilities in Version 4.3.0:
The current 25.5 % of users have been updated to version 4.3. However, there are still more than 2 million+ not yet updated. It is recommended to update it as soon as possible to cover up the security patch.
Refer below to read more: