Ew, that’s unsanitary: SEO plugin for WordPress would run arbitrary JavaScript inputs instead of scrubbing them

XSS vuln could hijack websites so update your All in One pack

A popular WordPress search engine optimisation plugin with around two million installs could have been abused to hijack a target website, according to a threat intel firm.…

...continue reading...

Source: Theregister.co.uk/security / Article: "Ew, that's unsanitary: SEO plugin for WordPress would run arbitrary JavaScript inputs instead of scrubbing them"