PT-2022-9593 · WordPress · All In One Seo

Marc Montpas · Published 2022-01-17 · Updated 2022-10-25 · CVE-2021-25036

CVSS v3.1: 8.8 High
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: All in One SEO WordPress plugin versions prior to 4.1.5.3

Description: The issue allows bad actors to access protected REST API endpoints, potentially enabling users with low-privileged accounts to perform remote code execution on affected sites. This could grant unauthorized access to sensitive areas of the site.

Recommendations: For versions prior to 4.1.5.3, update to version 4.1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to protected REST API endpoints until the update is applied.

Exploit

Fix

RCE

Improper Authentication

Weakness Enumeration

Related Identifiers: CVE-2021-25036

Affected Products: All In One Seo