SEO is one of the most important parts of making your website visible to search engines. Over the years it has played a very important role in marketing and lead generation.
Most people who own small businesses or startups opt to install an SEO plugin in WordPress rather than hire SEO professionals.
These plugins often do the job of improving the website’s SEO as well as attracting more visitors to the website.
One of the most popular WordPress SEO plugins is Rank Math. The developer recently released an update that fixes several vulnerabilities in the plugin, including one that allowed users to reset the plugin's settings and a cross-site scripting vulnerability, along with a security update.
1. Authenticated Settings Reset – Allows any authenticated user (with a role as low as subscriber) to reset the settings of the plugin. (Source: WPVULNDB)
2. Cross-site scripting vulnerability
According to PortSwigger, cross-site scripting (also known as XSS) is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. This update was publicly published a week ago.
3. Improved sanitization throughout the plugin
According to Search Engine Journal, sanitization means an extra layer of coding that will stop an unexpected input from breaking a script and allowing an exploit.
4. Fixed an error in the contact Shortcode when the time was added in a string format
5. Fixed ‘500 error’ appearing on some installations after updating the plugin settings
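The first three fixes map onto three standard WordPress controls: a capability check, input sanitization and output escaping. The sketch below is an added example, not Rank Math's code; the page does not say how the plugin exposed its settings reset, so an admin-ajax handler is assumed, and every `example_seo_*` name is hypothetical.

```php
<?php
// Added illustration, not Rank Math's code. All example_seo_* names are hypothetical.
const EXAMPLE_SEO_OPTION = 'example_seo_settings';

// wp_ajax_{action} hooks fire for ANY logged-in user, subscribers included,
// so registering a handler here is not an authorization check in itself.
add_action( 'wp_ajax_example_seo_reset', 'example_seo_reset' );
add_action( 'wp_ajax_example_seo_save_title', 'example_seo_save_title' );

// Shared gate that every state-changing handler calls first.
function example_seo_authorize() {
    // Authorization: only roles holding manage_options (administrators by default).
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden' ), 403 ); // sends JSON and exits
    }
    // CSRF: the request must carry a nonce issued to this user for this action.
    check_ajax_referer( 'example_seo_admin', 'nonce' ); // exits on failure
}

function example_seo_reset() {
    example_seo_authorize(); // without this call, a subscriber could reset the settings
    delete_option( EXAMPLE_SEO_OPTION );
    wp_send_json_success();
}

function example_seo_save_title() {
    example_seo_authorize();
    $raw = isset( $_POST['title'] ) ? wp_unslash( $_POST['title'] ) : '';
    if ( ! is_string( $raw ) ) {
        wp_send_json_error( array( 'message' => 'Invalid title' ), 400 );
    }
    // Sanitize on input: strips tags, control characters and extra whitespace.
    $settings          = (array) get_option( EXAMPLE_SEO_OPTION, array() );
    $settings['title'] = sanitize_text_field( $raw );
    update_option( EXAMPLE_SEO_OPTION, $settings );
    wp_send_json_success();
}

// Escape on output: stored values are still treated as untrusted when rendered,
// so markup in an old or tampered value is displayed as text, not executed.
function example_seo_render_title() {
    $settings = (array) get_option( EXAMPLE_SEO_OPTION, array() );
    $title    = isset( $settings['title'] ) ? $settings['title'] : '';
    echo '<span class="example-seo-title">' . esc_html( $title ) . '</span>';
}
```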
More of the most recent Rank Math updates can be seen on Rank Math’s changelog.
A changelog is a record of all notable changes made to a project. Whenever there are changes to the plugin, the Rank Math changelog is updated as well. This is a great way to inform users of the plugin’s vulnerabilities, and it promotes transparency, which is very rare nowadays. Some developers tend to hide their product’s vulnerabilities.
Why is it important to update your WordPress plugin?
Updates can seem intimidating or like a waste of time to some people. However, it is very important to keep all your plugins updated in order to get access to new features as well as security and bug fixes, which matter all the more at a time when hackers and cyber criminals are more active than ever.
Not updating your plugin could leave a security loophole for a cyber criminal to exploit.
New updates can also mean increased speed for some plugins and maintained backward compatibility.