Plugin inspection:

All in One SEO Pack

No issues found

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

We didn't find anything worrying in this plugin. It's probably safe. Read more about this recommendation.

Warnings

This recommendation applies to version 2.2.3 of this plugin, but the most recent version is 3.7.1. These findings may no longer be correct.

Findings

  • Allows admin users to edit the .htaccess file which could cause loss of availability in some configurations (i.e. where Apache is used and where .htaccess files are not ignored). This is probably not too much of an issue since admin users can already delete all posts or do other destructive things, but being able to prevent all access to the site might be considered to be exceeding their privileges.
  • No other issues found

Failure criteria

  • Unsafe file or network IO

Read more about our failure criteria.