
WordPress All in One SEO Pack Plugin < 4.1.0.2 RCE Vulnerability

Information

Severity: Critical
Family: Web application abuses
CVSSv2 Base: 9.0
CVSSv2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Solution Type: Vendor Patch
Created: 2 years ago
Modified: 2 years ago

Summary

The WordPress plugin All in One SEO Pack is prone to an authenticated remote code execution (RCE) vulnerability caused by unsafe PHP object deserialization of an uploaded configuration backup.

Insight

All in One SEO (the "All in One SEO - Best WordPress SEO Plugin") allows any authenticated user who holds the 'aioseo_tools_settings' capability (by default only administrators) to execute arbitrary code on the underlying host. Under 'Tools > Import/Export', such a user can restore the plugin's configuration by uploading a backup .ini file. The plugin parses that file and passes values from it to PHP's unserialize() without restricting which classes may be instantiated, so a value that is a serialized PHP object is turned into a live object and its magic methods (__wakeup(), __destruct()) run. Because the plugin bundles the Monolog logging library, an attacker can build a deserialization gadget chain from Monolog's classes that ends in the execution of a system command.

Note the precondition reflected in the CVSS vector (Au:S): exploitation requires an account with the tools-settings capability, normally an administrator. The impact, however, is not limited to WordPress: commands run as the web server user on the host, so a compromised or malicious admin account can be escalated to full server compromise.
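The following is an added illustration of the vulnerable pattern described above and of a hardened import routine; it is not code from All in One SEO Pack or from Mageni. The class DemoGadget, the function names, the minimal .ini reader and the sample backup content are all constructed for the example. DemoGadget only prints from __wakeup() where a real gadget chain would reach system()/exec().

```php
<?php
// Added illustration of "ini value -> unserialize()" (NOT the plugin's code).
// DemoGadget, import_* and read_backup_ini are made-up names.

// Stand-in for a real gadget class: any autoloadable class whose __wakeup()
// or __destruct() has side effects becomes attacker-controlled the moment
// attacker data reaches unserialize(). A real chain would run a command here.
class DemoGadget {
    public $cmd = 'true';
    public function __wakeup(): void {
        echo "[!] DemoGadget::__wakeup() ran; cmd={$this->cmd}\n";
    }
}

// Minimal "key = value" reader standing in for parse_ini_string(); it does
// no quote/escape processing, so the serialized payload survives unchanged.
function read_backup_ini(string $ini): array {
    $out = [];
    foreach (preg_split('/\R/', $ini) as $line) {
        $line = trim($line);
        if ($line === '' || $line[0] === ';' || $line[0] === '[') {
            continue; // blank line, comment or section header
        }
        $parts = explode('=', $line, 2);
        $out[trim($parts[0])] = isset($parts[1]) ? trim($parts[1]) : '';
    }
    return $out;
}

// Constructed sample upload: one ordinary value and one serialized object.
$backupIni = <<<'INI'
; constructed backup file, not a real export
[settings]
site_title = Example Site
layout = O:10:"DemoGadget":1:{s:3:"cmd";s:4:"true";}
INI;

// Vulnerable import: every value is handed to unserialize(), so any string
// that happens to be a serialized object instantiates that object.
function import_vulnerable(string $ini): array {
    $restored = [];
    foreach (read_backup_ini($ini) as $key => $value) {
        $obj = @unserialize($value);          // objects of ANY class allowed
        $restored[$key] = ($obj !== false) ? $obj : $value;
    }
    return $restored;
}

// Hardened import: never deserialize PHP objects from user input. Structured
// values must be JSON (which cannot encode PHP classes), keys are allow-listed,
// and plain string values are length- and charset-checked.
function import_hardened(string $ini): array {
    $allowed = ['site_title' => 'string', 'layout' => 'json'];
    $restored = [];
    foreach (read_backup_ini($ini) as $key => $value) {
        if (!isset($allowed[$key])) {
            continue;                         // unknown keys are dropped
        }
        if ($allowed[$key] === 'json') {
            $decoded = json_decode($value, true, 8);
            if (!is_array($decoded)) {
                throw new InvalidArgumentException("Rejected value for '$key'");
            }
            $restored[$key] = $decoded;
        } elseif (preg_match('/^[\w .\-]{1,200}$/u', $value)) {
            $restored[$key] = $value;
        } else {
            throw new InvalidArgumentException("Rejected value for '$key'");
        }
    }
    return $restored;
}

echo "== vulnerable import ==\n";
import_vulnerable($backupIni);    // __wakeup() fires: the [!] line is printed

echo "== hardened import ==\n";
try {
    import_hardened($backupIni);
} catch (InvalidArgumentException $e) {
    echo "[ok] " . $e->getMessage() . "\n";  // payload rejected, never unserialized
}
```

If a code base cannot drop PHP serialization outright, the minimal mitigation on PHP 7.0+ is `unserialize($value, ['allowed_classes' => false])`, which turns every object into `__PHP_Incomplete_Class` and never invokes __wakeup()/__destruct() of real classes; it does not fix the design problem of trusting uploaded serialized data. Which of these approaches the vendor used in 4.1.0.2 is not stated on this page.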

Affected Software

WordPress All in One SEO Pack plugin prior to version 4.1.0.2.

Solution

Update to version 4.1.0.2 or later.
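To confirm whether an installation falls inside the affected range, the check below parses the plugin's WordPress header the way core's get_plugin_data() does and compares the result with the first fixed release named above. This is an added example, not code from the plugin, from WordPress core or from Mageni; the header samples are constructed, and the plugin main-file path in the comment is an assumption.

```php
<?php
// Added version check (not the plugin's or Mageni's code).
// First release named in this advisory as containing the fix:
const FIXED_VERSION = '4.1.0.2';

// Extract "Version: x.y.z" from a plugin main file's header comment block,
// using the same tolerant pattern shape WordPress core uses for header fields.
function plugin_version_from_header(string $fileContents): ?string {
    if (preg_match('/^[ \t\/*#@]*Version:[ \t]*([^\r\n]+)/mi', $fileContents, $m)) {
        return trim($m[1]);
    }
    return null;
}

// Affected means strictly older than the fixed version.
function is_affected(string $version): bool {
    return version_compare($version, FIXED_VERSION, '<');
}

// Constructed header blocks standing in for the plugin's main file
// (assumed to live at wp-content/plugins/all-in-one-seo-pack/ on the site).
$samples = [
    "<?php\n/**\n * Plugin Name: All in One SEO\n * Version: 4.1.0.1\n */",
    "<?php\n/**\n * Plugin Name: All in One SEO\n * Version: 4.1.0.2\n */",
    "<?php\n/**\n * Plugin Name: All in One SEO\n * Version: 4.1.2\n */",
    "<?php\n/**\n * Plugin Name: All in One SEO\n */",            // no Version header
];

foreach ($samples as $src) {
    $v = plugin_version_from_header($src);
    $status = ($v === null) ? 'version unknown, inspect manually'
            : (is_affected($v) ? 'AFFECTED, update to ' . FIXED_VERSION : 'not affected');
    printf("%-8s %s\n", $v ?? '-', $status);
}
```

version_compare() handles four-component versions such as 4.1.0.2 correctly (4.1.2 sorts after 4.1.0.2), which a naive string or float comparison would get wrong. Treat a missing or unparsable Version header as a finding to resolve by hand rather than as "not affected".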

Common Vulnerabilities and Exposures (CVE)