March 11, 2015

Yoast WordPress SEO Plugin Vulnerable To Hackers : How to Fix it

If you know what WordPress is, then you may also be familiar with the Yoast WordPress SEO plugin. Millions of WordPress sites may be exposed to an SQL injection vulnerability due to a security hole in the Yoast SEO plugin. Make sure to update your plugin.

Yoast WordPress SEO Plugin is one of the most popular SEO plugins, used by over 14 million WordPress blogs. It has reportedly been open to an exploit: an SQL injection vulnerability through which hackers can perform a blind SQL injection.

What is Blind SQL injection

Blind SQL injection is an attack that asks the database true or false questions. This attack is used when a web application shows only generic error messages but has not secured the code that is vulnerable.

Hackers send SQL queries to the database to delete, extract or modify data. This is often used to insert spam links, malware/adware, or unwanted or unauthorized affiliate links on sites.
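
The true-or-false behaviour described above can be turned into a regression check. The following Python/SQLite sketch is an added example, not code from the Yoast plugin or from WordPress; the table, the function names and the sample data are constructed for illustration. It puts a lookup that concatenates input into the query next to one that validates and binds it, and reports whether the page output changes with a condition embedded in the input.

```python
import sqlite3

def make_db():
    # Constructed sample data: a single post in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO posts VALUES (1, 'Hello world')")
    return db

def page_vulnerable(db, post_id):
    # Vulnerable: the request value becomes part of the SQL text itself.
    try:
        row = db.execute("SELECT title FROM posts WHERE id = " + post_id).fetchone()
    except sqlite3.Error:
        return "Something went wrong"  # generic message, no SQL details shown
    return row[0] if row else "Not found"

def page_hardened(db, post_id):
    # Hardened: reject anything that is not an integer, then bind it as data.
    try:
        number = int(post_id)
    except ValueError:
        return "Not found"
    row = db.execute("SELECT title FROM posts WHERE id = ?", (number,)).fetchone()
    return row[0] if row else "Not found"

def answers_true_false(page, db):
    # Regression check: if an always-true and an always-false condition
    # appended to the id give different pages, the input is reaching the
    # SQL parser and the page can be used as a true/false oracle.
    return page(db, "1 AND 1=1") != page(db, "1 AND 1=2")

if __name__ == "__main__":
    db = make_db()
    print("vulnerable lookup answers true/false:", answers_true_false(page_vulnerable, db))
    print("hardened lookup answers true/false:  ", answers_true_false(page_hardened, db))
```

The generic error message in the vulnerable version hides the SQL error but does not stop the page from behaving differently for true and false conditions, which is why hiding errors alone is not a fix.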

How to fix Yoast WordPress SEO Plugin Vulnerability

If you are on WordPress, chances are that you are using the WordPress SEO by Yoast plugin. The issue was noticed in older versions, so you should upgrade to version 1.7.4 immediately. This version is documented to be a security fix. The security fix says:

[Image: How to fix Yoast WordPress SEO Plugin Vulnerability]

How to Update Yoast WordPress SEO Plugin

  • Login to your WordPress dashboard.
  • Go to Manage.
  • Click on Plugin & Themes.
  • Click on "Auto Updates" tab.

You should always keep the auto-update feature turned on.

Yoast has also announced that the WordPress team has automatically pushed an update to WordPress installs and that the plugin has been updated automatically.

Update the WordPress SEO by Yoast plugin to be safe. In fact, you should update every plugin and theme you use to stay safe.

Have you already updated your WordPress plugins? How do you secure your WordPress blogs?