WordFence: Security vulnerability in Yoast SEO 3.2.4
WordFence has identified a security vulnerability in Yoast SEO 3.2.4. If you use this WordPress plug-in, you are urged to update to version 3.2.5 immediately. From the WordFence blog:
One of our security researchers, Panagiotis Vagenas, discovered a vulnerability in Yoast SEO version 3.2.4 and earlier that allows any user with ‘subscriber’ level access to download your Yoast SEO settings. For sites that have open registration, this means that anyone can register and download your Yoast SEO settings by simply creating an account and running the exploit.