PT-2022-9594 · WordPress · All In One Seo
Marc Montpas · Published 2022-01-17 · Updated 2022-01-24 · CVE-2021-25037
CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
All in One SEO WordPress plugin versions prior to 4.1.5.3
Description
The issue is an authenticated SQL injection problem that could grant attackers access to privileged information from the affected site's database, such as usernames and hashed passwords. This was discovered during an internal audit by the Jetpack Scan team.
Recommendations
For versions prior to 4.1.5.3, update to version 4.1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting database access to minimize the risk of exploitation.
Exploit
Fix
SQL injection
Affected Products
All In One Seo