WP Clinic
Log in Sign up

PLUGIN SECURITY

Is All in One SEO – AI SEO Plugin to Boost SEO Rankings & Traffic (Schema, Local SEO, Sitemap & SEO Insights) safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the All in One SEO – AI SEO Plugin to Boost SEO Rankings & Traffic (Schema, Local SEO, Sitemap & SEO Insights) WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: all-in-one-seo-pack

Known vulnerabilities

  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.1.5.3 [CVE-2021-25036, WordPress All in One SEO plugin <= 4.1.5.2 - Authenticated Privilege Escalation vulnerability, All In One SEO &lt; 4.1.5.3 - Authenticated Privilege Escalation, All in One SEO 4.0.0 - 4.1.5.2 Authorization Bypass]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.1.5.3 [CVE-2021-25037, WordPress All in One SEO plugin <= 4.1.5.2 - Authenticated SQL Injection (SQLi) vulnerability, All In One SEO &lt; 4.1.5.3 - Authenticated SQL Injection, All in One SEO 4.1.3.1 - 4.1.5.2 - Authenticated SQL Injection]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.1.0.2 [CVE-2021-24307, WordPress All In One SEO Pack plugin <= 4.1.0.1 - Authenticated Remote Code Execution (RCE) vulnerability, All in One SEO Pack &lt; 4.1.0.2 - Admin RCE via unserialize, All in One SEO <= 4.1.0.1 - Authenticated Code Injection]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 3.6.2 [CVE-2020-35946, WordPress All In One SEO Pack plugin <= 3.6.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability, All in One SEO Pack &lt; 3.6.2 - Authenticated Stored Cross-Site Scripting, All in One SEO Pack <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.0.3.1 [CVE-2013-5988, All in One SEO Pack &lt;= 2.0.3 - XSS, All in One SEO <= 2.0.3 - Cross-Site Scripting via Search Parameter]
+ 34 more known vulnerabilities
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 3.2.7 [CVE-2019-16520, All In One SEO Pack &lt; 3.2.7 - Stored Cross-Site Scripting (XSS), All In One SEO Pack <= 3.2.6 - Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.2.6 [CVE-2015-0902, All in One SEO Pack information management vulnerability, WordPress All in One SEO Pack Plugin <= 2.2.5 - Information Management, All in One SEO Pack &lt;= 2.2.5.1 - Information Disclosure, All in One SEO <= 2.2.5.1 - Information Disclosure]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.7 [WordPress All in One SEO Pack Plugin <= 2.3.6.1 - Stored Cross Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.8 [WordPress All in One SEO Pack Plugin <= 2.3.7 - Cross Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.6.2 [WordPress All in One SEO Pack Plugin 2.3.6.1 - Persistent XSS]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.2.6.2 [WordPress All in One SEO Pack Plugin <= 2.2.6.1 - Cross Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [WordPress All in One SEO Pack Plugin <= 2.1.5 - Cross Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [WordPress All in One SEO Pack Plugin <= 2.1.5 - Privilege Escalation]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.2.4 [CVE-2022-38093, WordPress All in One SEO plugin <= 4.2.3.1 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities, All in One SEO <= 4.2.3.1 - Cross-Site Request Forgery, All in One SEO &lt; 4.2.4 - Multiple CSRF]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.10 [All in One SEO Pack &lt;= 2.9.1.1 - Authenticated Stored Cross-Site Scripting (XSS)]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.8 [All in One SEO Pack &lt;= 2.3.7 - Unauthenticated Stored Cross-Site Scripting (XSS)]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.7 [All in One SEO Pack &lt;= 2.3.6.1 - Unauthenticated Stored Cross-Site Scripting (XSS)]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.2.6.2 [wpscan.com]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [All in One SEO Pack &lt;= 2.1.5 - aioseop_functions.php new_meta Parameter XSS]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [All in One SEO Pack &lt;= 2.1.5 - Unspecified Privilege Escalation]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.10 [All in One SEO <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.8 [All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.3.7 [All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 2.3.6 - Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.2.6.2 [All in One SEO <= 2.2.6.1 - Reflected Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.2.5 [All in One SEO <= 2.2.4.1 - Privilege Escalation to Arbitrary Post Modification]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [All in One SEO <= 2.1.5 - Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 2.1.6 [All in One SEO <= 2.1.5 - Missing Authorization]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.3.0 [CVE-2023-0586, All in One SEO Pack <= 4.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting, WordPress All In One SEO Pack Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS), All in One SEO Pack &lt; 4.3.0 - Contributor+ Stored XSS]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.3.0 [CVE-2023-0585, All in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting, WordPress All In One SEO Pack Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS), All in One SEO Pack &lt; 4.3.0 - Admin+ Stored XSS]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.6.1.1 [CVE-2024-3554, All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode, WordPress All In One SEO Pack Plugin <= 4.6.0 is vulnerable to Cross Site Scripting (XSS)]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.6.1.1 [CVE-2024-3368, All in One SEO <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.8.2 [CVE-2025-2892, All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL, WordPress All In One SEO Pack Plugin <= 4.8.1.1 is vulnerable to Cross Site Scripting (XSS), EUVD-2025-15663]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.9.0 [CVE-2025-12847, All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.8.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media Deletion, EUVD-2025-197686]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.9.1.1 [CVE-2025-67950, All In One SEO Pack <= 4.9.1 - Authenticated (Contributor+) SQL Injection]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.8.7 [CVE-2025-64295, All In One SEO Pack <= 4.8.6.1 - Authenticated (Subscriber+) Information Exposure]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.9.3 [CVE-2025-14384, All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) AI Access Token and Credit Disclosure]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.8.7.2 [WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Sensitive Data Exposure Vulnerability, All In One SEO Pack <= 4.8.7.1 - Authenticated (Contributor+) Sensitive Information Exposure, EUVD-2025-30551]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.8.7.2 [CVE-2025-58650, All In One SEO Pack <= 4.8.7.1 - Missing Authorization, EUVD-2025-30547]
  • All in One SEO – AI SEO Plugin to Boost SEO Rankings &amp; Traffic (Schema, Local SEO, Sitemap &amp; SEO Insights) [all-in-one-seo-pack] < 4.9.7.1 [CVE-2026-5075, All in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via 'internalOptions' Localized Script Data]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.