SQL vulnerability in WordPress SEO by Yoast – PATCH IMMEDIATLY

The WordPress SEO by Yoast plugin is used by millions of WordPress websites which want to be found on the internet. The WordPress SEO by Yoast plugin is a free search engine optimilisation plugin which holds various tips and methods to increase the ranking of WordPress websites.

Now it seems that the WordPress SEO by Yoast plugin has a critical vulnerability in its code. The vulnerability which is found in the ‘admin/class-bulk-editor-list-table.php’ file allows cybercriminals and hackers to perform SQL injection attacks. The SQL injection attack would allow the cybercriminal or the hacker to gain access to classified and personal information which is stored on the WordPress database.

The attack

The cybercriminals and hackers are only to perform this attack when they already have access to the WordPress website. It is also possible for the cybercriminals to send a malicious link to website developer or administrator. The link would allow the hackers to gain direct access to the WordPress website.

The link would look like this: