Hacker Alert – WordPress plugin ‘SEO by Yoast’ vulnerable

According to a Hacker News report, the popular WordPress plugin ‘SEO by Yoast’ is susceptible to hackers. The ‘SEO by Yoast’ plugin, developed by WordPress to help developers make websites more searchable, is extremely popular and used by millions.

The vulnerability in the ‘SEO by Yoast’ plugin has the potential to affect millions of websites and their users. According to an advisory, all versions of ‘SEO by Yoast’ prior to are vulnerable to the ‘Blind SQL Injection web application flaw’, which can cause serious damage to a WordPress site.

This vulnerability can’t be triggered directly by a hacker. The flaw actually resides in the ‘admin/class-bulk-editor-list-table.php’ file, which is authorized to be accessed by privileged users such as the WordPress Admin, Editor or Author only. Hackers can trick these users into clicking on a link through social engineering which triggers the SQLi attack.

Once inside the system, the attackers can create their own admin account within the WordPress site and act as desired – send out harmful links to the site’s customers/subscribers, steal customer data, or even take the site down.

In the plugin’s defense, not everyone who uses it is going to be automatically affected as the attack can only be triggered by a WordPress Admin, Editor, or Author by clicking on a malicious link manually.

The good news is that the vulnerability has been patched in both the general and premium flavors of the latest ‘SEO by Yoast’ version (1.7.4). Those using older versions may simply update to this latest version and ensure website integrity.

This is a cue for all WordPress administrators who’ve disabled the ‘Auto-update’ feature to upgrade their ‘SEO by Yoast’ plugin as soon as possible, or to manually download the latest version from the WordPress plugin repository. Those who have installed WordPress version 3.7 and above can enable fully automated updating of their plugins and themes by navigating to:

Manage > Plugins & Themes > Auto Updates tab
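
To find installs that still need the update, here is an added example (not from the original article and not the plugin's own code) that reads the `Version:` header of the plugin's PHP files and flags anything older than 1.7.4. The `wordpress-seo*` directory prefix and the plugins path passed as the argument are assumptions about the local install.

```shell
#!/bin/sh
# Added example: flag 'SEO by Yoast' installs older than the patched 1.7.4.
# Assumption: the plugin lives in a directory starting with "wordpress-seo"
# under the plugins path given as $1 (e.g. wp-content/plugins).
FIXED_VERSION="1.7.4"   # patched version named in the article

# Print the "Version:" value from a WordPress plugin header comment.
plugin_version() {
    sed -n 's/^[[:space:]*]*Version:[[:space:]]*\([0-9][0-9A-Za-z.-]*\).*/\1/p' "$1" |
        head -n 1
}

# Return 0 if version $1 is strictly lower than version $2.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Classify one plugin file: prints VULNERABLE <v>, PATCHED <v> or UNKNOWN.
check_plugin_file() {
    v=$(plugin_version "$1")
    if [ -z "$v" ]; then
        echo "UNKNOWN"
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "VULNERABLE $v"
    else
        echo "PATCHED $v"
    fi
}

# Report every file under <plugins>/wordpress-seo*/ that carries a Version header.
scan_plugins_dir() {
    for f in "$1"/wordpress-seo*/*.php; do
        [ -f "$f" ] || continue
        [ -n "$(plugin_version "$f")" ] || continue
        echo "${f#"$1"/}: $(check_plugin_file "$f")"
    done
}

# Usage: sh check-yoast.sh /path/to/wp-content/plugins
if [ -n "${1:-}" ]; then
    scan_plugins_dir "$1"
fi
```

Anything reported as `VULNERABLE` should be updated before a privileged user next logs in to that site.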

Happy optimizing!
