WordPress – Yoast SEO Plugin Vulnerability
Although WordPress started out as a simple blogging system, today it has developed into a complete content management system (CMS) that can be used only for blogging but for practically anything, with millions of people using it as a personal or business website. This is mostly due to the hundreds of plugins and widgets that are available for use. The freedom that WordPress has as a self-hosted platform implies that you can use it to create any website, simple or complex, different blogs, and so much more, while being incredibly easy to use.
In order to achieve all this, WordPress uses many different plugins, especially when it comes to SEO. Search engine optimization (SEO) is one of the most important tools used to increase traffic on a website.
One of the best known plugins for SEO is the Yoast plugin. This plugin has over 14 million downloads as their website claims. It is a widely spread belief that your WordPress website will never have enough search engine optimization (SEO) if you do not have the WordPress SEO by Yoast plugin installed.
However, a huge flaw has been discovered in this plugin that might put your website in danger and cause leakage of confidential data.
How secure is SEO by Yoast?
Last week, an important Yoast vulnerability has been discovered which could have put millions of websites at critical risk to be attacked by hackers. This Yoast vulnerability was discovered by a developer of the WordPress vulnerability scanner Ryan Dewhurst, and it applies to almost every version of the plugins that go by the name "WordPress SEO by Yoast".
This vulnerability is called a Blind SQL injection, or SQLi, which could cause leakage of confidential information, deleting information, or modifying important data.
According to the Hacker News – " Basically in SQLi attack, an attacker inserts a malformed SQL query into an application via client-side input."
Explaining how a SQLi attack works!
An important thing to know is that not every user of the SEO by Yoast plugin can become a victim of hackers. Evidently, in order to abuse this Yoast vulnerability, the hacker will need the help of social engineering in order to trick authorized users which have access to the 'admin / class-bulk-editor-list-table.php' file (this is where the vulnerability is found) to click on a link. Authorized users which can access this file are the Admin, Editor, or Author privileged users. This means that the only way a hacker can use this flaw is if the authorized user is tricked into clicking a link (URL) which will then allow the hacker to create their own new admin account and mess up or abuse the WordPress site.
If the authorized user does not click on any dangerous urls, there's no risk of exploiting this recently discovered Yoast vulnerability.
This Yoast vulnerability has been found in most versions ending with the 18.104.22.168. version where two Blind SQL injection vulnerabilities were found.
What's the best way to protect your WordPress website?
When something like this comes up that puts at risk millions of websites out there, a quick solution is often necessary. Immediately after this information was spread all over the internet, many quick fix-ups were offered to users.
Luckily, the team of developers of the Yoast plugin managed to rapidly issue a new, fixed and improved version of the WordPress SEO by Yoast plugin. The latest version of WordPress SEO by Yoast 1.7.4 is now available for downloading and the developers promise that this version has " fixed possible CSRF and blind SQL injection vulnerabilities in bulk editor. "
The team of Yoast and Joost de Valk (the owner and creator of yoast.com) has issued a WordPress SEO Security release where it states that all the flaws have been fixed. Furthermore, there will be a forced automatic update due to the seriousness of this issue. This update will be available for both free and premium users.
However, if you are a WordPress administrator and you have the auto-update feature disabled, it is recommended that you immediately upgrade your WordPress SEO by Yoast plugin manually !!!