{"id":170710,"date":"2026-01-19T12:58:00","date_gmt":"2026-01-19T12:58:00","guid":{"rendered":"https:\/\/getshieldsecurity.com\/?p=170710"},"modified":"2026-01-19T12:58:01","modified_gmt":"2026-01-19T12:58:01","slug":"shieldnotes-91","status":"publish","type":"post","link":"https:\/\/getshieldsecurity.com\/blog\/shieldnotes-91\/","title":{"rendered":"All In One SEO and Other Severe Risks; & WordPress SQL injection Defense"},"content":{"rendered":"\n

Security is in focus again, with high-severity vulnerabilities in Supreme Modules Lite and a new All In One SEO risk impacting millions. Highlights from our SQL injection prevention blog round out this week\u2019s update.<\/p>\n\n\n\n

#1 – Security Risks in Popular Plugins<\/h2>\n\n\n\n

These plugins are widely used, and the first one on the list is the most critical, with a 9.1<\/strong>\/10<\/em> severity score. Update as soon as possible if you have them installed.<\/p>\n\n\n\n

Supreme Modules Lite Plugin<\/a>
<\/strong>Arbitrary File Upload; 9.1<\/strong>\/10; Update to v2.5.63+<\/p>\n\n\n\n

Advanced Ads Plugin<\/a>
<\/strong>SQL Injection; 7.6\/10; Update to v2.0.16+<\/p>\n\n\n\n

YouTube Feed Pro Plugin<\/a>
<\/strong>Arbitrary File Upload; 7.5\/10; Update to v2.6.1+<\/p>\n\n\n\n

Breeze Plugin<\/a>
<\/strong>Broken Access Control; 5.3\/10; Update to v2.2.22+<\/p>\n\n\n\n

All In One SEO Pack Plugin<\/a>
<\/strong>Broken Access Control; 4.3\/10; Update to v4.9.3+<\/p>\n\n\n\n

Editor Comment<\/strong>
It’s worth taking a few minutes each week to perform a sites review<\/a> to catch issues early and wherever possible, use ShieldPRO’s auto-upgrade<\/a> feature for vulnerable plugins.<\/p>\n\n\n\n

#2 – High Security Risks in Less Popular Plugins and Themes<\/h2>\n\n\n\n

These components have smaller install counts but very high severity scores, which makes them critical on any site where they are present.<\/p>\n\n\n\n

Modular DS Plugin<\/a>
<\/strong>Privilege Escalation; 10<\/strong>\/10; Update to v2.5.2+<\/p>\n\n\n\n

Blogzee Theme<\/a>
<\/strong>Arbitrary File Upload; 9.9<\/strong>\/10; No fix; Remove\/or replace.<\/p>\n\n\n\n

RegistrationMagic Plugin<\/a>
<\/strong>Privilege Escalation; 9.8<\/strong>\/10; Update to v6.0.7.2+<\/p>\n\n\n\n

Simply Schedule Appointments Plugin<\/a>
<\/strong>SQL Injection; 9.3<\/strong>\/10; Update to v1.6.9.13+<\/p>\n\n\n\n

Editor Comment<\/strong>
It’s worth taking a few minutes each week to perform a sites review<\/a> to catch issues early and wherever possible, use ShieldPRO’s auto-upgrade<\/a> feature for vulnerable plugins.<\/p>\n\n\n\n

#3 – Our blog: Prevent SQL Injection in WordPress<\/h2>\n\n\n\n

SQL injections are a serious threat that can severely impact WordPress sites. We cut through the technical jargon and provide clear, practical guidance to help you protect your site, regardless of your level of technical experience.<\/p>\n\n\n\n

More Info \u2192<\/a><\/p>\n\n\n\n

Thanks for reading, and have a wonderful week!<\/p>\n\n\n\n

Paul Goodchild<\/strong>
Shield Security for WordPres<\/em>s<\/p>\n","protected":false},"excerpt":{"rendered":"

Security is in focus again, with high-severity vulnerabilities in Supreme Modules Lite and a new All In One SEO risk impacting millions. Highlights from our SQL injection prevention blog round out this week\u2019s update.<\/p>\n","protected":false},"author":27,"featured_media":163832,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[153,201],"tags":[69],"class_list":["post-170710","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security-wordpress-solutions","category-shieldnotes","tag-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/170710","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/comments?post=170710"}],"version-history":[{"count":2,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/170710\/revisions"}],"predecessor-version":[{"id":170712,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/posts\/170710\/revisions\/170712"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/media\/163832"}],"wp:attachment":[{"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/media?parent=170710"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/categories?post=170710"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/getshieldsecurity.com\/wp-json\/wp\/v2\/tags?post=170710"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}