It has been brought to our attention that the popular “All-In-One SEO” plugin for WordPress leaves your website open to what is called a cross-site scripting attack. This means both your website and your visitor’s computers could be vulnerable when visiting your website! Please be sure to login to your WordPress install and update the plugin or navigate to our 1-click web apps utility within Plesk and update from there. You will have the option of completing a full backup before the update is completed.
We know those notification emails about updates being available for your web application can be a tad annoying, but they are also quite important; please do not ignore them. If you have our Platinum Plan or Grape Kiwi plan, please open a ticket and let us know that you have updates waiting so we can be sure to keep on top of this for you.
If you are on a do-it-yourself hosting plan, be sure to log in to Plesk and navigate to the 1-click web apps utility to update your applications and all plugins and themes within.
While security vulnerabilities within WordPress and its plugins are announced regularly, in our experience this weakness is mitigated by ensuring both WordPress and its plugins and theme files are kept updated at all times. Please be sure to keep the updates rolling to ensure your website continues to run smoothly.