The All in One SEO Pack plugin is a popular choice for webmasters who wish to boost their WordPress-powered sites position in search engine rankings. Over 18 million people have already downloaded the plugin for use on their websites. But now a security firm has discovered an potentially dangerous security hole in the plugin’s code, that could leave the door open to malicious attackers. The solution? Update to version 2.1.6 of the plugin, which was released yesterday. You cannot run the plugin on WordPress.com, and so sites running on that platform are not affected.”]
Source: https://grahamcluley.com/seo-plugin-wordpress-security/