Yoast SEO is an extremely popular WordPress plugin which offers great search engine optimisation functionality.
A security researcher at WordFence identified a security problem with the Yoast SEO plugin (version 3.2.4 and earlier). This is critical, because it gives any user with ‘subscriber’ level access the ability download the plugin settings. For websites that have open registration, this means that anyone can register and download your Yoast SEO settings.
Updates have already been applied for all our premium support customers’ websites. Vital updates like these are the first thing we do when a problem such as this comes to light. We monitor security announcements on your behalf to make sure your website gets an update promptly whenever there’s a problem. So you can relax and enjoy your weekend.
We advise anyone else with a WordPress website using this plugin to make sure you update to the latest version immediately…
For more information about the vulnerability, visit the WordFence website.