TemPlaza

TemPlaza is a website built and maintained by TemPlaza., JSC. We supply templates and other quality applications for Joomla and WordPress.

Email: support@templaza.com

WordPress SEO By Yoast Vulnerability

Millions of WordPress websites using WordPress SEO by Yoast may be at risk of being hacked through a critical vulnerability, a Blind SQL Injection.

This SQL injection arises from the way the web application handles data supplied by its users. Because the application fails to validate input values, outside attackers can trigger the vulnerability and execute arbitrary SQL queries against victim WordPress websites.

A proof of concept is provided by Ryan Dewhurst, who discovered this Blind SQL Injection, in his advisory:

http://victim-wordpress-website.com/wp-admin/admin.php?page=wpseo_bulk-editor&type=title&orderby=post_date%2c(select%20*%20from%20(select(sleep(10)))a)&order=asc

If this link is clicked on by an authenticated admin, editor or author user, it causes the SQL query to execute and sleep for 10 seconds. To make such a user a victim, the attacker tricks them into clicking a specially crafted link or visiting a page under the attacker's control.
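The root cause is an `orderby` value pasted straight into the SQL `ORDER BY` clause. As an added example that is not the plugin's own code or part of the advisory, the snippet below shows that flawed pattern beside an allowlist-based fix, and a check that flags bulk-editor requests whose `orderby` value is not a plain column name when run over constructed access-log lines. The column list is an assumption; the real plugin's sortable columns are not given on this page.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumed set of sortable columns; the real plugin's list is not on this page.
ALLOWED_ORDERBY = {"post_title", "post_date", "post_type", "post_status"}
ALLOWED_ORDER = {"asc", "desc"}

def vulnerable_order_clause(orderby: str, order: str) -> str:
    """The flawed pattern: untrusted request values pasted straight into SQL,
    so a payload like 'post_date,(select(sleep(10)))' becomes part of the query."""
    return f"ORDER BY {orderby} {order}"

def hardened_order_clause(orderby: str, order: str) -> str:
    """Column names cannot be bound as query parameters, so validate them against
    an allowlist and fall back to a safe default rather than echoing user text."""
    column = orderby if orderby in ALLOWED_ORDERBY else "post_title"
    direction = order.lower() if order.lower() in ALLOWED_ORDER else "asc"
    return f"ORDER BY {column} {direction}"

# Tokens that never belong in a column name: time-based probes and query chaining.
SUSPICIOUS = re.compile(r"sleep\s*\(|benchmark\s*\(|\bselect\b|\bunion\b|[;'\"]", re.I)

def flag_request(log_line: str) -> bool:
    """True when a bulk-editor request carries an orderby value that is not a
    plain allowed column name (the sleep() probe from the advisory lands here)."""
    match = re.search(r'"(?:GET|POST) (\S+)', log_line)
    if not match:
        return False
    query = parse_qs(urlsplit(match.group(1)).query)
    if query.get("page", [""])[0] != "wpseo_bulk-editor":
        return False
    return any(
        value not in ALLOWED_ORDERBY or SUSPICIOUS.search(value)
        for value in query.get("orderby", [])
    )

# Constructed access-log lines: one legitimate sort, one carrying the advisory's probe.
SAMPLE_LOG = [
    '203.0.113.7 - - [11/Mar/2015:10:01:22 +0000] "GET /wp-admin/admin.php'
    '?page=wpseo_bulk-editor&type=title&orderby=post_date&order=asc HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Mar/2015:10:02:03 +0000] "GET /wp-admin/admin.php'
    '?page=wpseo_bulk-editor&type=title&orderby=post_date%2c(select%20*%20from'
    '%20(select(sleep(10)))a)&order=asc HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print("FLAGGED" if flag_request(line) else "ok     ", line[:60])
```

Because the allowlist check replaces rather than escapes the value, the advisory's payload degrades to the default sort instead of reaching the database.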

In this way, cybercriminals and hackers can interfere with the victim's database and change or even delete all of its important data. They are also able to push unsafe links or applications onto the attacked WordPress websites. It is a disaster when a hacker compromises your entire site!

If this plugin is running on your WordPress site at version 1.7.3 or lower, upgrade as soon as possible to the latest version of WordPress SEO by Yoast, version 1.7.4, to fix this serious security problem.
