{"id":149503,"date":"2014-06-04T00:25:00","date_gmt":"2014-06-03T23:25:00","guid":{"rendered":"http:\/\/www.borncity.com\/blog\/?p=149503"},"modified":"2021-05-03T07:39:08","modified_gmt":"2021-05-03T05:39:08","slug":"wordpress-plugin-all-in-one-seo-pack-angreifbar","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2014\/06\/04\/wordpress-plugin-all-in-one-seo-pack-angreifbar\/","title":{"rendered":"WordPress Plugin &quot;All in One SEO Pack&quot; angreifbar"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" title=\"Sicherheit\" style=\"border-left-width: 0px; border-right-width: 0px; border-bottom-width: 0px; float: left; margin: 0px 10px 0px 0px; display: inline; border-top-width: 0px\" border=\"0\" alt=\"Sicherheit\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2014\/03\/Sicherheit.jpg\" width=\"42\" align=\"left\" height=\"41\"\/>Mal wieder schlechte Nachrichten f\u00fcr Blogger, die auf WordPress aufsetzen und zwecks SEO-Optimierung das \"All in One SEO Pack\" Plugin einsetzen. \u00c4ltere Versionen des Plugin enthalten Sicherheitsl\u00fccken, die die WP-Installation angreifbar machen.<\/p>\n<p><!--more--><\/p>\n<p>Die betreffenden Informationen finden sich <a href=\"https:\/\/web.archive.org\/web\/20201111192859\/https:\/\/blog.sucuri.net\/2014\/05\/vulnerability-found-in-the-all-in-one-seo-pack-wordpress-plugin.html\" target=\"_blank\" rel=\"noopener noreferrer\">hier im sucuri-Blog<\/a>. In \u00e4lteren Versionen des Plugins gibt es eine XSS cross site-L\u00fccke, \u00fcber die sich Angreifer erh\u00f6hte Privilegien verschaffen k\u00f6nnen. Laut Blog-Eintrag wurden im Plugin zwei Sicherheitsl\u00fccken durch das neueste Update des <a href=\"https:\/\/web.archive.org\/web\/20180216075307\/https:\/\/semperfiwebdesign.com\/blog\/all-in-one-seo-pack\/all-in-one-seo-pack-release-history\/\" target=\"_blank\" rel=\"noopener noreferrer\">All in One SEO Pack<\/a> gepatcht. Falls ihr also das Plugin einsetzt und keine automatische Update-Benachrichtigung auf Version 2.1.6 erschienen ist, solltet ihr das Update schnellstm\u00f6glich nachholen. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mal wieder schlechte Nachrichten f\u00fcr Blogger, die auf WordPress aufsetzen und zwecks SEO-Optimierung das \"All in One SEO Pack\" Plugin einsetzen. \u00c4ltere Versionen des Plugin enthalten Sicherheitsl\u00fccken, die die WP-Installation angreifbar machen.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426],"tags":[4328,4349],"class_list":["post-149503","post","type-post","status-publish","format-standard","hentry","category-sicherheit","tag-sicherheit","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/149503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=149503"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/149503\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=149503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=149503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=149503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}