Site hacked because of this module

Yes, Yoast’s quality control is the worst I’ve ever seen over my 20 years of software development.

https://www.searchenginejournal.com/popular-wordpress-plugin-seo-by-yoast-vulnerable-to-hackers/

Yeah, he should just focus on SEO and fine tuning his plugin like making it more secure from hacking.

That’s all I ever want or need. Hopefully more people think twice before they actually give a 5 star review, but I know the majority of people NEVER read or bother looking into details.

The problem is “Ego”….

Yoast has made a good SEO plugin, arguably one of the best, but wants to dominate more and more sectors, like sitemaps, etc, even though his plugin will NEVER be able to do as good a job as other more specific plugins. He even asks people to deactivate Google XML Sitemaps plugin and switch over to his (on his site)!

And yet, NOT providing the support here or addressing most of the concerns/issues….not possible anyway when you have millions of users.

I use the plugin with 12 client systems. I’ll will kick it out now everywhere and replace it with “All In One SEO”.

Actually they fixed the bug.

The Yoast team promptly patched the exploit upon being notified, and the newest version (1.7.4) is said to fix the problem.

You shouldn’t worry about it.

You should worry about it if you care about your site getting hacked, and the WordPress core team worried about it so much that they did something most of us didn’t know they could do: they pushed out a forced automatic update to Yoast’s plugin to v1.7.4. Pretty slick, but scary at the same time for those who thought they were in control of their own sites.

Yoast explains all at https://yoast.com/wordpress-seo-security-release/