Resources Blog Critical Vulnerability In vBSEO Patched

Critical Vulnerability In vBSEO Patched

H Security – (International) Critical vulnerability in vBSEO patched. The developers of the vBSEO extension to the vBulletin forum software closed a critical vulnerability in their plugin. The vBSEO plugin adds search engine optimization (SEO) functionality to the vBulletin core code. The vulnerability — a SQL injection flaw that allows attackers to execute commands and manipulate the contents of the forum’s database — comes only a short time after the developers patched another flaw, which was recently misused to attack online forums en masse. Affected users can download the patched versions of 3.3.x, 3.5.x, and 3.6.0 from the download area of the vBSEO Web site. The vBSEO forum also provides instructions on how to close the security hole manually. Since an exploit was already found in the wild, users should update their installations immediately.


Picture of Ali Loney

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.