This week, Yoast, a popular WordPress plug in, used to create easily editable SEO fields, announced an update to combat a serious security issue.
Older versions of Yoast have a vulnerability to “Blind SQL Injection”. This means that: “by having a logged-in author, editor or admin visit a malformed URL, a malicious hacker could change your database“. These older versions also have the potential to allow the corruption or loss of sensitive data.
Millions of sites use Yoast, so if you run a small business, find out whether or not your website is up to date with the latest, most secure, version as quickly as possible. WordPress did roll out a forced automatic update, so sites using versions 1.5.x, 1.6.x or 1.7.x of Yoast may have been updated automatically.
The most recent version of the Yoast plug in is 1.7.4, available from the Yoast site.
Crush’s Development Team has made sure that the latest update is in place for all Crush clients. Your Yoast is not toast! This is toast.