WordPress plugin All in One SEO Pack privilege escalation vulnerabilities

Description
  • Marc-Alexandre Montpas reported two privilege escalation vulnerabilities in the WordPress plugin All in One SEO Pack. If your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk. If you have open registration, you are at risk, so you have to update the plugin now.
Remediation
  • Upgrade to the latest version of All in One SEO Pack (this problem was fixed in version 2.1.6).
References