A medium severity security issue has been discovered on the popular plugin All In One SEO Pack, installed in over 2 million sites.

The vulnerability allows authenticated users with contributor level permissions and above the ability to inject malicious scripts on the website and can result in severe consequences such as a complete site takeover.

We strongly recommend immediately updating to the latest version of this plugin.

For more information please check the official public release.

If you have questions, don’t hesitate to contact our support team.