WP-Safety

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Security & Risk Analysis

wordpress.org/plugins/all-in-one-seo-pack

AIOSEO is the most powerful WordPress SEO plugin. Improve SEO rankings and traffic with comprehensive SEO tools and smart AI SEO optimizations!

3.0M active installs v4.9.5.1 PHP 7.2+ WP 5.7+ Updated Mar 9, 2026
google-search-consolemeta-descriptionschemaseoxml-sitemap
82
B · Generally Safe
CVEs total26
Unpatched0
Last CVEJan 15, 2026
Plugin page Download
Safety Verdict

Is All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Safe to Use in 2026?

Mostly Safe

Score 82/100

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic is generally safe to use. 26 past CVEs were resolved. Keep it updated.

26 known CVEsLast CVE: Jan 15, 2026Updated 24d ago
Risk Assessment

The All in One SEO Pack plugin, version 4.9.5.1, exhibits a mixed security posture. While it demonstrates good practices in SQL query preparedness (93%) and output escaping (89%), and has no currently unpatched vulnerabilities, several concerning factors warrant attention. The static analysis reveals a substantial attack surface with 10 entry points, of which 4 lack authentication checks. This is a significant concern as it exposes potentially sensitive functionalities to unauthorized users. The presence of two instances of the `unserialize` function, without explicit taint analysis results to confirm sanitization, is another red flag, as it can be a vector for code execution if not handled with extreme care.

The plugin's vulnerability history is extensive, with 26 known CVEs including one critical and five high-severity past vulnerabilities. The common types of vulnerabilities listed (Missing Authorization, CSRF, Improper Authentication, SQL Injection, Code Injection, XSS, Information Exposure) indicate a recurring pattern of weaknesses in input validation, authorization, and secure coding practices. Although there are no currently unpatched vulnerabilities, this history suggests a potential for new vulnerabilities to emerge if past issues are not thoroughly addressed in the development process. The last recorded vulnerability date (2026-01-15) is in the future, which could indicate a data anomaly or an error in the reporting, but doesn't detract from the historical trend.

In conclusion, while All in One SEO Pack has improved in areas like SQL sanitization and output escaping, the significant number of unprotected AJAX handlers and the historical pattern of severe vulnerabilities suggest a need for ongoing vigilance and security hardening. The presence of `unserialize` without clear sanitization in the static analysis is a specific point of concern that could be exploited. The plugin's strengths lie in its improved data handling for SQL and output, but its weaknesses are in its exposed entry points and a history of critical security flaws.

Key Concerns

  • Unprotected AJAX handlers
  • Presence of unserialize function
  • Large number of known CVEs
  • Past critical severity CVEs
  • Past high severity CVEs
Vulnerabilities
26

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Security Vulnerabilities

CVEs by Year

4 CVEs in 2014
2014
2 CVEs in 2015
2015
2 CVEs in 2016
2016
1 CVE in 2018
2018
1 CVE in 2019
2019
1 CVE in 2020
2020
3 CVEs in 2021
2021
1 CVE in 2022
2022
2 CVEs in 2023
2023
2 CVEs in 2024
2024
6 CVEs in 2025
2025
1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Critical
1
High
5
Medium
20

26 total CVEs

CVE-2025-14384medium · 4.3Missing Authorization

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.9.2 - Missing Authorization to Authenticated (Contributor+) AI Access Token and Credit Disclosure

Jan 15, 2026 Patched in 4.9.3 (1d)
CVE-2025-67950medium · 6.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

All In One SEO Pack <= 4.9.1 - Authenticated (Contributor+) SQL Injection

Dec 6, 2025 Patched in 4.9.1.1 (14d)
CVE-2025-64295medium · 4.3Exposure of Sensitive Information to an Unauthorized Actor

All In One SEO Pack <= 4.8.6.1 - Authenticated (Subscriber+) Information Exposure

Nov 26, 2025 Patched in 4.8.7 (25d)
CVE-2025-12847medium · 4.3Missing Authorization

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic <= 4.8.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Media Deletion

Nov 14, 2025 Patched in 4.9.0 (1d)
CVE-2025-58650medium · 5.4Missing Authorization

All In One SEO Pack <= 4.8.7.1 - Missing Authorization

Sep 22, 2025 Patched in 4.8.7.2 (15d)
CVE-2025-58649medium · 4.3Exposure of Sensitive Information to an Unauthorized Actor

All In One SEO Pack <= 4.8.7.1 - Authenticated (Contributor+) Sensitive Information Exposure

Sep 22, 2025 Patched in 4.8.7.2 (17d)
CVE-2025-2892medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO Pack <= 4.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Description and Canonical URL

May 18, 2025 Patched in 4.8.2 (1d)
CVE-2024-3368medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Apr 29, 2024 Patched in 4.6.1.1 (18d)
CVE-2024-3554medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Apr 29, 2024 Patched in 4.6.1.1 (33d)
CVE-2023-0586medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO Pack <= 4.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

Feb 24, 2023 Patched in 4.3.0 (333d)
CVE-2023-0585medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting

Feb 24, 2023 Patched in 4.3.0 (333d)
CVE-2022-38093high · 8.8Cross-Site Request Forgery (CSRF)

All in One SEO <= 4.2.3.1 - Cross-Site Request Forgery

Sep 5, 2022 Patched in 4.2.4 (505d)
CVE-2021-25036high · 8.8Improper Authentication

All in One SEO 4.0.0 - 4.1.5.2 Authorization Bypass

Dec 14, 2021 Patched in 4.1.5.3 (770d)
CVE-2021-25037critical · 9.6Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

All in One SEO 4.1.3.1 - 4.1.5.2 - Authenticated SQL Injection

Dec 14, 2021 Patched in 4.1.5.3 (770d)
CVE-2021-24307high · 8.8Improper Control of Generation of Code ('Code Injection')

All in One SEO <= 4.1.0.1 - Authenticated Code Injection

May 9, 2021 Patched in 4.1.0.2 (989d)
CVE-2020-35946medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO Pack <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jul 16, 2020 Patched in 3.6.2 (1286d)
CVE-2019-16520medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All In One SEO Pack <= 3.2.6 - Stored Cross-Site Scripting

Oct 16, 2019 Patched in 3.2.7 (1560d)
WF-6a0c948b-7f14-450e-858a-77c1d3dd0761-all-in-one-seo-packmedium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting

Oct 18, 2018 Patched in 2.10 (1923d)
WF-c490e344-66da-4176-bd93-7e07a491bfa9-all-in-one-seo-packhigh · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO Pack <= 2.3.7 - Unauthenticated Stored Cross-Site Scripting

Jul 13, 2016 Patched in 2.3.8 (2750d)
WF-4f018e22-bf07-4371-afc1-3e664ea1c5a3-all-in-one-seo-packhigh · 7.2Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 2.3.6 - Stored Cross-Site Scripting

Jul 1, 2016 Patched in 2.3.7 (2762d)
WF-03ddef11-04cb-4639-afb0-f123b339b9ae-all-in-one-seo-packmedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO <= 2.2.6.1 - Reflected Cross-Site Scripting

Apr 20, 2015 Patched in 2.2.6.2 (3200d)
CVE-2015-0902medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

All in One SEO <= 2.2.5.1 - Information Disclosure

Mar 31, 2015 Patched in 2.2.6 (3220d)
CVE-2013-5988medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO <= 2.0.3 - Cross-Site Scripting via Search Parameter

Aug 1, 2014 Patched in 2.0.3.1 (3462d)
WF-55a942b7-5d3e-4ddf-8bc3-61ff90a7fdbd-all-in-one-seo-packmedium · 6.3Missing Authorization

All in One SEO <= 2.1.5 - Missing Authorization

May 31, 2014 Patched in 2.1.6 (3524d)
WF-60e4c186-5239-464d-be83-1b873f821b3e-all-in-one-seo-packmedium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

All in One SEO <= 2.1.5 - Cross-Site Scripting

May 31, 2014 Patched in 2.1.6 (3524d)
WF-dcd7204f-d950-4fb8-beb2-d9f619824fa1-all-in-one-seo-packmedium · 4.3

All in One SEO <= 2.2.4.1 - Privilege Escalation to Arbitrary Post Modification

May 31, 2014 Patched in 2.2.5 (3524d)
Code Analysis
Analyzed Mar 16, 2026

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Code Analysis

Dangerous Functions
2
Raw SQL Queries
6
86 prepared
Unescaped Output
101
808 escaped
Nonce Checks
18
Capability Checks
64
File Operations
2
External Requests
10
Bundled Libraries
1

Dangerous Functions Found

unserializereturn @unserialize( $string, [ 'allowed_classes' => $allowedClasses ] ); // phpcs:disable PHPCompatapp\Common\Utils\Helpers.php:301
unserializereturn unserialize( serialize( $object ) );app\Common\Utils\Helpers.php:317

Bundled Libraries

Lodash

SQL Query Safety

93% prepared92 total queries

Output Escaping

89% escaped909 total outputs
Attack Surface
4 unprotected

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Attack Surface

Entry Points10
Unprotected4

AJAX Handlers 8

authwp_ajax_aioseo-dismiss-active-menu-tooltipapp\Common\Admin\Admin.php:122
authwp_ajax_aioseo-dismiss-conflicting-plugins-noticeapp\Common\Admin\Notices\ConflictingPlugins.php:21
authwp_ajax_aioseo-deactivate-conflicting-plugins-noticeapp\Common\Admin\Notices\ConflictingPlugins.php:22
authwp_ajax_aioseo-dismiss-deprecated-wordpress-noticeapp\Common\Admin\Notices\DeprecatedWordPress.php:30
authwp_ajax_aioseo-dismiss-review-plugin-ctaapp\Common\Admin\Notices\Review.php:21
noprivwp_ajax_aioseo_is_installedapp\Common\SearchStatistics\Api\Listener.php:29
noprivwp_ajax_aioseo_rauthenticateapp\Common\SearchStatistics\Api\Listener.php:30
noprivwp_ajax_aioseo_connect_processapp\Lite\Admin\Connect.php:23

Shortcodes 2

[aioseo_breadcrumbs] app\Common\Breadcrumbs\Shortcode.php:21
[aioseo_html_sitemap] app\Common\Sitemap\Html\Shortcode.php:21
WordPress Hooks 316
actionadmin_noticesall_in_one_seo_pack.php:54
actionadmin_noticesall_in_one_seo_pack.php:63
actionactivate_all-in-one-seo-pack/all_in_one_seo_pack.phpall_in_one_seo_pack.php:78
actiondeactivate_all-in-one-seo-pack/all_in_one_seo_pack.phpall_in_one_seo_pack.php:79
actionactivate_all-in-one-seo-pack-pro/all_in_one_seo_pack.phpall_in_one_seo_pack.php:80
actionadmin_noticesall_in_one_seo_pack.php:81
actionadmin_noticesall_in_one_seo_pack.php:90
actionsanitize_comment_cookiesapp\AIOSEO.php:88
actioninitapp\AIOSEO.php:322
actionaioseo_unslash_escaped_data_postsapp\Common\Admin\Admin.php:120
filterlanguage_attributesapp\Common\Admin\Admin.php:128
actionsanitize_comment_cookiesapp\Common\Admin\Admin.php:130
actionadmin_menuapp\Common\Admin\Admin.php:132
actionadmin_bar_menuapp\Common\Admin\Admin.php:172
actionadmin_menuapp\Common\Admin\Admin.php:177
actionadmin_menuapp\Common\Admin\Admin.php:178
actionpost_submitbox_misc_actionsapp\Common\Admin\Admin.php:181
actionadmin_initapp\Common\Admin\Admin.php:183
filterbulk_post_updated_messagesapp\Common\Admin\Admin.php:186
actionadmin_footerapp\Common\Admin\Admin.php:190
actioninitapp\Common\Admin\Admin.php:193
actioninitapp\Common\Admin\Admin.php:194
actionwp_enqueue_editorapp\Common\Admin\Admin.php:300
actioncurrent_screenapp\Common\Admin\Admin.php:304
actionenqueue_block_editor_assetsapp\Common\Admin\Admin.php:305
actionadmin_enqueue_scriptsapp\Common\Admin\Admin.php:928
actionadmin_enqueue_scriptsapp\Common\Admin\Admin.php:929
actionadmin_enqueue_scriptsapp\Common\Admin\Admin.php:930
actionin_admin_footerapp\Common\Admin\Admin.php:932
filteradmin_footer_textapp\Common\Admin\Admin.php:933
actionadmin_initapp\Common\Admin\ConflictingPlugins.php:49
actionwp_dashboard_setupapp\Common\Admin\Dashboard.php:21
actionadmin_print_scriptsapp\Common\Admin\DeactivationSurvey.php:59
actionadmin_print_scriptsapp\Common\Admin\DeactivationSurvey.php:60
actionadmin_footerapp\Common\Admin\DeactivationSurvey.php:61
actioninitapp\Common\Admin\NetworkAdmin.php:33
actionnetwork_admin_menuapp\Common\Admin\NetworkAdmin.php:44
actionadmin_footerapp\Common\Admin\Notices\ConflictingPlugins.php:52
actionadmin_footerapp\Common\Admin\Notices\DeprecatedWordPress.php:60
actionadmin_initapp\Common\Admin\Notices\Notices.php:87
actionupdated_optionapp\Common\Admin\Notices\Notices.php:94
actioninitapp\Common\Admin\Notices\Notices.php:95
actionadmin_noticesapp\Common\Admin\Notices\Notices.php:103
actionadmin_footerapp\Common\Admin\Notices\Review.php:63
actionrest_api_initapp\Common\Admin\Notices\WpNotices.php:39
actionenqueue_block_editor_assetsapp\Common\Admin\Notices\WpNotices.php:40
actionadmin_noticesapp\Common\Admin\Notices\WpNotices.php:41
actionadmin_initapp\Common\Admin\Pointers.php:25
actionin_admin_headerapp\Common\Admin\Pointers.php:26
actionsave_postapp\Common\Admin\PostSettings.php:39
actiondelete_postapp\Common\Admin\PostSettings.php:40
actionwp_trash_postapp\Common\Admin\PostSettings.php:41
actionadmin_enqueue_scriptsapp\Common\Admin\PostSettings.php:48
actionadd_meta_boxesapp\Common\Admin\PostSettings.php:51
actionadmin_initapp\Common\Admin\PostSettings.php:54
actionsave_postapp\Common\Admin\PostSettings.php:57
actionedit_attachmentapp\Common\Admin\PostSettings.php:58
actionadd_attachmentapp\Common\Admin\PostSettings.php:59
filterposts_clausesapp\Common\Admin\PostSettings.php:62
actionwpapp\Common\Admin\PostSettings.php:399
actionsave_postapp\Common\Admin\SeoAnalysis.php:23
filtersite_status_testsapp\Common\Admin\SiteHealth.php:21
filterdebug_informationapp\Common\Admin\SiteHealth.php:22
actionpre_post_updateapp\Common\Admin\SlugMonitor.php:35
actionwp_after_insert_postapp\Common\Admin\SlugMonitor.php:39
actionpost_updatedapp\Common\Admin\SlugMonitor.php:41
actionadmin_initapp\Common\Admin\Usage.php:57
actionadd_meta_boxesapp\Common\Admin\WritingAssistant.php:23
actiondelete_postapp\Common\Admin\WritingAssistant.php:24
actionadmin_enqueue_scriptsapp\Common\Admin\WritingAssistant.php:75
actionadmin_initapp\Common\Ai\Ai.php:77
actionadmin_initapp\Common\Ai\Ai.php:78
filterrest_allowed_cors_headersapp\Common\Api\Api.php:218
actionrest_api_initapp\Common\Api\Api.php:219
filterget_object_termsapp\Common\Breadcrumbs\Block.php:115
actionwidgets_initapp\Common\Breadcrumbs\Breadcrumbs.php:77
actioninitapp\Common\Breadcrumbs\Breadcrumbs.php:80
actionaioseo_email_reports_enable_reminderapp\Common\EmailReports\EmailReports.php:45
actionadmin_initapp\Common\EmailReports\Summary\Summary.php:55
actionadmin_initapp\Common\Llms\Llms.php:77
actionwp_insert_postapp\Common\Llms\Llms.php:79
actionedited_termapp\Common\Llms\Llms.php:80
actionadmin_initapp\Common\Main\Activate.php:30
filterquery_varsapp\Common\Main\CategoryBase.php:26
filterrequestapp\Common\Main\CategoryBase.php:27
filtercategory_rewrite_rulesapp\Common\Main\CategoryBase.php:28
filterterm_linkapp\Common\Main\CategoryBase.php:29
actioncreated_categoryapp\Common\Main\CategoryBase.php:32
actiondelete_categoryapp\Common\Main\CategoryBase.php:33
actionedited_categoryapp\Common\Main\CategoryBase.php:34
filterwp_optimize_get_tablesapp\Common\Main\Filters.php:42
actionduplicate_post_after_rewritingapp\Common\Main\Filters.php:45
filterplugin_row_metaapp\Common\Main\Filters.php:51
filtergenesis_detect_seo_pluginsapp\Common\Main\Filters.php:55
filterweglot_active_translation_before_treat_pageapp\Common\Main\Filters.php:59
filterwpml_tm_adjust_translation_fieldsapp\Common\Main\Filters.php:62
filterjetpack_boost_should_defer_jsapp\Common\Main\Filters.php:65
filterwpaas_cdn_file_extapp\Common\Main\Filters.php:69
actiondp_duplicate_postapp\Common\Main\Filters.php:72
actiondp_duplicate_pageapp\Common\Main\Filters.php:73
actionwoocommerce_product_duplicate_before_saveapp\Common\Main\Filters.php:74
actionadd_post_metaapp\Common\Main\Filters.php:75
actioninitapp\Common\Main\Filters.php:78
filterthe_titleapp\Common\Main\Filters.php:79
filterjwt_auth_default_whitelistapp\Common\Main\Filters.php:82
actionprofile_updateapp\Common\Main\Filters.php:85
actionuser_registerapp\Common\Main\Filters.php:86
filteraioseo_public_post_typesapp\Common\Main\Filters.php:88
filteraioseo_public_taxonomiesapp\Common\Main\Filters.php:89
actionadmin_print_scriptsapp\Common\Main\Filters.php:91
filterjetpack_get_available_modulesapp\Common\Main\Filters.php:95
actionafter_setup_themeapp\Common\Main\Filters.php:98
actionwpapp\Common\Main\Filters.php:99
actioninitapp\Common\Main\Filters.php:100
filterwp_consent_api_registered_all-in-one-seo-pack/all_in_one_seo_pack.phpapp\Common\Main\Filters.php:111
filterwp_consent_api_registered_all-in-one-seo-pack-pro/all_in_one_seo_pack.phpapp\Common\Main\Filters.php:112
actionwp_insert_postapp\Common\Main\Filters.php:262
actionwpapp\Common\Main\Head.php:77
actionwp_headapp\Common\Main\Head.php:78
filterpre_get_document_titleapp\Common\Main\Head.php:104
filterwp_titleapp\Common\Main\Head.php:105
actionwp_before_load_templateapp\Common\Main\Head.php:109
actiontemplate_redirectapp\Common\Main\Head.php:111
actionwp_headapp\Common\Main\Head.php:113
actionadmin_enqueue_scriptsapp\Common\Main\Main.php:26
actionwp_enqueue_scriptsapp\Common\Main\Main.php:27
actionadmin_footerapp\Common\Main\Main.php:28
actiontemplate_redirectapp\Common\Main\Media.php:21
actiontemplate_redirectapp\Common\Main\QueryArgs.php:34
filtercomment_reply_linkapp\Common\Main\QueryArgs.php:155
actiontemplate_redirectapp\Common\Main\QueryArgs.php:156
actionaioseo_v4_migrate_post_schemaapp\Common\Main\Updates.php:24
actionaioseo_v4_migrate_post_schema_defaultapp\Common\Main\Updates.php:25
actionaioseo_v419_remove_revision_recordsapp\Common\Main\Updates.php:26
actioninitapp\Common\Main\Updates.php:35
actioninitapp\Common\Main\Updates.php:36
actioninitapp\Common\Main\Updates.php:37
actionwp_loadedapp\Common\Main\Updates.php:61
actioninitapp\Common\Meta\Amp.php:21
actionamp_post_template_headapp\Common\Meta\Amp.php:43
actionamp_post_template_headapp\Common\Meta\Amp.php:46
actiondelete_postapp\Common\Meta\Meta.php:77
actionwpml_pro_translation_completedapp\Common\Meta\MetaData.php:32
actionwp_loadedapp\Common\Meta\Robots.php:45
actiontemplate_redirectapp\Common\Meta\Robots.php:46
actionwp_headapp\Common\Meta\Robots.php:47
actionaioseo_migrate_post_metaapp\Common\Migration\Migration.php:52
actionadmin_initapp\Common\Migration\Migration.php:58
actionwp_loadedapp\Common\Migration\Migration.php:75
actionwp_loadedapp\Common\Migration\Migration.php:84
actionshutdownapp\Common\Migration\OldOptions.php:125
actionwp_loadedapp\Common\Options\DynamicBackup.php:88
actionshutdownapp\Common\Options\DynamicBackup.php:89
actionshutdownapp\Common\Options\DynamicOptions.php:78
actionshutdownapp\Common\Options\InternalNetworkOptions.php:52
actionshutdownapp\Common\Options\InternalOptions.php:120
actionshutdownapp\Common\Options\NetworkOptions.php:80
actionshutdownapp\Common\Options\Options.php:514
actioninitapp\Common\Options\Options.php:526
actionwp_loadedapp\Common\Options\Options.php:530
actionaioseo_crawl_cleanup_clear_logsapp\Common\QueryArgs\CrawlCleanup.php:25
actiontemplate_redirectapp\Common\QueryArgs\CrawlCleanup.php:28
filterthe_content_feedapp\Common\Rss.php:27
filterthe_excerpt_rssapp\Common\Rss.php:28
actionwp_headapp\Common\Rss.php:37
filterfeed_links_show_posts_feedapp\Common\Rss.php:40
filterfeed_links_show_comments_feedapp\Common\Rss.php:44
actionwpapp\Common\Rss.php:48
filterpre_get_postsapp\Common\SearchCleanup\SearchCleanup.php:39
actiontemplate_redirectapp\Common\SearchCleanup\SearchCleanup.php:43
actionadmin_initapp\Common\SearchStatistics\Api\Listener.php:25
actionadmin_initapp\Common\SearchStatistics\Api\Listener.php:26
actionadmin_initapp\Common\SearchStatistics\Api\Listener.php:27
actionadmin_initapp\Common\SearchStatistics\Notices.php:27
actionadmin_initapp\Common\SearchStatistics\Site.php:31
actionadmin_initapp\Common\SearchStatistics\Sitemap.php:31
actionupdate_option_blog_publicapp\Common\SeoChecklist\SeoChecklist.php:18
filterrobots_txtapp\Common\Sitemap\Helpers.php:566
actioninitapp\Common\Sitemap\Html\Block.php:21
actionwidgets_initapp\Common\Sitemap\Html\Sitemap.php:59
filteraioseo_canonical_urlapp\Common\Sitemap\Html\Sitemap.php:60
filterpre_get_shortlinkapp\Common\Sitemap\Html\Sitemap.php:61
actiontemplate_redirectapp\Common\Sitemap\Html\Sitemap.php:64
actionadmin_initapp\Common\Sitemap\Image\Image.php:65
actioninitapp\Common\Sitemap\Localization.php:32
filteraioseo_sitemap_termapp\Common\Sitemap\Localization.php:51
filteraioseo_sitemap_postapp\Common\Sitemap\Localization.php:52
filteraioseo_sitemap_termapp\Common\Sitemap\Localization.php:56
filteraioseo_sitemap_postapp\Common\Sitemap\Localization.php:57
filteraioseo_sitemap_author_entryapp\Common\Sitemap\Localization.php:58
filteraioseo_sitemap_archive_entryapp\Common\Sitemap\Localization.php:59
filteraioseo_sitemap_date_entryapp\Common\Sitemap\Localization.php:60
filteraioseo_sitemap_product_attributesapp\Common\Sitemap\Localization.php:61
actionparse_requestapp\Common\Sitemap\RequestParser.php:43
actionaioseo_static_sitemap_regenerationapp\Common\Sitemap\Sitemap.php:111
actionwp_insert_postapp\Common\Sitemap\Sitemap.php:114
actionedited_termapp\Common\Sitemap\Sitemap.php:115
actionadmin_initapp\Common\Sitemap\Sitemap.php:117
filterwp_sitemaps_enabledapp\Common\Sitemap\Sitemap.php:135
filterjetpack_enable_open_graphapp\Common\Social\Social.php:80
filterlanguage_attributesapp\Common\Social\Social.php:83
actionpost_updatedapp\Common\Social\Social.php:89
actioninitapp\Common\Standalone\AdminBarNoindexWarning.php:23
actionadmin_enqueue_scriptsapp\Common\Standalone\AdminBarNoindexWarning.php:47
actionwp_enqueue_scriptsapp\Common\Standalone\AdminBarNoindexWarning.php:48
actionadmin_bar_menuapp\Common\Standalone\AdminBarNoindexWarning.php:50
actionplugins_loadedapp\Common\Standalone\BbPress\BbPress.php:38
actionwpapp\Common\Standalone\BbPress\BbPress.php:54
actioninitapp\Common\Standalone\Blocks\Blocks.php:21
actionenqueue_block_assetsapp\Common\Standalone\Blocks\TableOfContents.php:26
actionplugins_loadedapp\Common\Standalone\BuddyPress\BuddyPress.php:58
actioninitapp\Common\Standalone\BuddyPress\BuddyPress.php:85
actionbp_parse_queryapp\Common\Standalone\BuddyPress\BuddyPress.php:86
actioninitapp\Common\Standalone\DetailsColumn.php:33
actioncurrent_screenapp\Common\Standalone\DetailsColumn.php:40
actionadmin_enqueue_scriptsapp\Common\Standalone\DetailsColumn.php:60
filtermanage_edit-product_columnsapp\Common\Standalone\DetailsColumn.php:63
actionmanage_posts_custom_columnapp\Common\Standalone\DetailsColumn.php:64
filtermanage_media_columnsapp\Common\Standalone\DetailsColumn.php:75
actionmanage_media_custom_columnapp\Common\Standalone\DetailsColumn.php:76
actionadmin_enqueue_scriptsapp\Common\Standalone\FlyoutMenu.php:30
filteradmin_body_classapp\Common\Standalone\FlyoutMenu.php:31
actionenqueue_block_editor_assetsapp\Common\Standalone\HeadlineAnalyzer.php:25
filtermonsterinsights_headline_analyzer_enabledapp\Common\Standalone\HeadlineAnalyzer.php:31
filterexactmetrics_headline_analyzer_enabledapp\Common\Standalone\HeadlineAnalyzer.php:32
filterwp_insert_post_dataapp\Common\Standalone\LimitModifiedDate.php:30
filterwp_insert_attachment_dataapp\Common\Standalone\LimitModifiedDate.php:31
actionwoocommerce_before_product_object_saveapp\Common\Standalone\LimitModifiedDate.php:32
actionrest_api_initapp\Common\Standalone\LimitModifiedDate.php:34
actionadmin_enqueue_scriptsapp\Common\Standalone\LimitModifiedDate.php:40
actionpost_submitbox_misc_actionsapp\Common\Standalone\LimitModifiedDate.php:41
actionadmin_enqueue_scriptsapp\Common\Standalone\Notifications.php:27
actionfusion_enqueue_live_scriptsapp\Common\Standalone\PageBuilders\Avada.php:43
actionfusion_builder_admin_scripts_hookapp\Common\Standalone\PageBuilders\Avada.php:44
actionwp_footerapp\Common\Standalone\PageBuilders\Avada.php:45
actioninitapp\Common\Standalone\PageBuilders\Base.php:51
actionwpapp\Common\Standalone\PageBuilders\Bricks.php:43
filterbricks/content/html_before_endapp\Common\Standalone\PageBuilders\Bricks.php:45
filterbricks/frontend/disable_seoapp\Common\Standalone\PageBuilders\Bricks.php:48
filterbricks/frontend/disable_opengraphapp\Common\Standalone\PageBuilders\Bricks.php:49
actionwp_enqueue_scriptsapp\Common\Standalone\PageBuilders\Bricks.php:90
actionwpapp\Common\Standalone\PageBuilders\Divi.php:52
actionadmin_enqueue_scriptsapp\Common\Standalone\PageBuilders\Divi.php:53
actionwp_footerapp\Common\Standalone\PageBuilders\Divi.php:75
actionwp_footerapp\Common\Standalone\PageBuilders\Divi.php:76
actionwp_enqueue_scriptsapp\Common\Standalone\PageBuilders\Divi.php:77
filterscript_loader_tagapp\Common\Standalone\PageBuilders\Divi.php:78
actionelementor/initapp\Common\Standalone\PageBuilders\Elementor.php:52
actionelementor/editor/before_enqueue_scriptsapp\Common\Standalone\PageBuilders\Elementor.php:57
actionelementor/editor/before_enqueue_scriptsapp\Common\Standalone\PageBuilders\Elementor.php:58
actionelementor/documents/register_controlsapp\Common\Standalone\PageBuilders\Elementor.php:59
actionelementor/editor/footerapp\Common\Standalone\PageBuilders\Elementor.php:60
actionelementor/editor/footerapp\Common\Standalone\PageBuilders\Elementor.php:63
actionelementor/editor/footerapp\Common\Standalone\PageBuilders\Elementor.php:64
actionwpapp\Common\Standalone\PageBuilders\Oxygen.php:43
filterbreakdance_singular_contentapp\Common\Standalone\PageBuilders\Oxygen.php:46
filterbreakdance_render_rendered_htmlapp\Common\Standalone\PageBuilders\Oxygen.php:49
actionwp_enqueue_scriptsapp\Common\Standalone\PageBuilders\Oxygen.php:129
actionadmin_enqueue_scriptsapp\Common\Standalone\PageBuilders\SeedProd.php:52
filterstyle_loader_tagapp\Common\Standalone\PageBuilders\SeedProd.php:53
actionsiteorigin_panel_enqueue_admin_scriptsapp\Common\Standalone\PageBuilders\SiteOrigin.php:52
filtertcb_allowed_ajax_optionsapp\Common\Standalone\PageBuilders\ThriveArchitect.php:43
actiontcb_main_frame_enqueueapp\Common\Standalone\PageBuilders\ThriveArchitect.php:49
filtertve_main_js_dependenciesapp\Common\Standalone\PageBuilders\ThriveArchitect.php:50
actiontcb_right_sidebar_content_settingsapp\Common\Standalone\PageBuilders\ThriveArchitect.php:51
actiontcb_sidebar_extra_linksapp\Common\Standalone\PageBuilders\ThriveArchitect.php:52
filtertcb_main_frame_localizeapp\Common\Standalone\PageBuilders\ThriveArchitect.php:53
filterget_post_metadataapp\Common\Standalone\PageBuilders\WPBakery.php:46
actionvc_frontend_editor_enqueue_js_cssapp\Common\Standalone\PageBuilders\WPBakery.php:53
actionvc_backend_editor_enqueue_js_cssapp\Common\Standalone\PageBuilders\WPBakery.php:54
filtervc_nav_front_controlsapp\Common\Standalone\PageBuilders\WPBakery.php:56
filtervc_nav_controlsapp\Common\Standalone\PageBuilders\WPBakery.php:57
actionadmin_enqueue_scriptsapp\Common\Standalone\PrimaryTerm.php:29
actionadmin_enqueue_scriptsapp\Common\Standalone\PublishPanel.php:27
actionwpapp\Common\Standalone\SeoPreview.php:48
filterautoptimize_filter_noptimizeapp\Common\Standalone\SeoPreview.php:90
actionwp_print_footer_scriptsapp\Common\Standalone\SeoPreview.php:94
actionadmin_menuapp\Common\Standalone\SetupWizard.php:25
actionadmin_headapp\Common\Standalone\SetupWizard.php:26
actionadmin_initapp\Common\Standalone\SetupWizard.php:27
actionadmin_initapp\Common\Standalone\SetupWizard.php:28
actionadmin_enqueue_scriptsapp\Common\Standalone\UserProfileTab.php:27
actionprofile_updateapp\Common\Standalone\UserProfileTab.php:28
actionwpcode_loadedapp\Common\Standalone\WpCode.php:25
actionweb_stories_story_headapp\Common\ThirdParty\WebStories.php:21
actionweb_stories_story_headapp\Common\ThirdParty\WebStories.php:22
filterweb_stories_enable_metadataapp\Common\ThirdParty\WebStories.php:33
filterweb_stories_enable_schemaorg_metadataapp\Common\ThirdParty\WebStories.php:34
filterweb_stories_enable_open_graph_metadataapp\Common\ThirdParty\WebStories.php:35
filterweb_stories_enable_twitter_metadataapp\Common\ThirdParty\WebStories.php:36
filterwp_robotsapp\Common\ThirdParty\WebStories.php:42
filterrobots_txtapp\Common\Tools\RobotsTxt.php:27
actionadmin_initapp\Common\Tools\RobotsTxt.php:33
filterrobots_txtapp\Common\Tools\RobotsTxt.php:624
actionadmin_headapp\Common\Traits\Assets.php:158
actionwp_headapp\Common\Traits\Assets.php:161
actionadmin_print_footer_scriptsapp\Common\Traits\Assets.php:165
filterpre_render_blockapp\Common\Traits\Helpers\Blocks.php:50
actionplugins_loadedapp\Common\Utils\Access.php:78
actioninitapp\Common\Utils\Access.php:82
actionaction_scheduler_after_executeapp\Common\Utils\ActionScheduler.php:31
actionplugins_loadedapp\Common\Utils\ActionScheduler.php:34
actionaction_scheduler/created_tableapp\Common\Utils\ActionScheduler.php:78
filterscript_loader_tagapp\Common\Utils\Assets.php:46
actionadmin_headapp\Common\Utils\Assets.php:47
actionwp_headapp\Common\Utils\Assets.php:48
actioninitapp\Common\Utils\Blocks.php:30
actionenqueue_block_editor_assetsapp\Common\Utils\Blocks.php:41
actioninitapp\Common\Utils\Cache.php:75
actionwp_loadedapp\Common\Utils\Tags.php:394
actioninitapp\Common\WritingAssistant\SeoBoost\SeoBoost.php:51
actioninitapp\Common\WritingAssistant\SeoBoost\SeoBoost.php:55
actioninitapp\Common\WritingAssistant\SeoBoost\SeoBoost.php:58
actioninitapp\Common\WritingAssistant\SeoBoost\SeoBoost.php:59
actionadmin_menuapp\Lite\Admin\Connect.php:25
actionadmin_initapp\Lite\Admin\Connect.php:26
Maintenance & Trust

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 9, 2026
PHP min version7.2
Downloads199.8M

Community Trust

Rating94/100
Number of ratings5,056
Active installs3.0M
Alternatives

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Alternatives

SiteSEO – SEO Simplified

SiteSEO – SEO Simplified

siteseo

A
95

SiteSEO is an easy, fast and powerful SEO plugin for WordPress. Unlock your Website's potential and Maximize your online visibility with our SiteSEO!

500K 4 CVEs
SureRank SEO – Smart Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema

SureRank SEO – Smart Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema

surerank

A
97

SureRank – SEO Assistant with Meta Tags, Social Preview, XML Sitemap, and Schema

300K 1 CVE
SEOPress – On-site SEO & Analytics

SEOPress – On-site SEO & Analytics

wp-seopress

A
94

SEOPress, a simple, fast and powerful all in one SEO plugin for WordPress. Rank higher in search engines, fully white label. Now with AI.

300K 14 CVEs
SEO Plugin by Squirrly SEO

SEO Plugin by Squirrly SEO

squirrly-seo

A
88

Rank without begging Google. AI-powered SEO that actually helps you win. Trusted by rebels, creators, and pros in 150+ countries.

40K 14 CVEs
Xagio SEO – AI Powered SEO

Xagio SEO – AI Powered SEO

xagio-seo

C
64

Xagio is the only WordPress SEO plugin built with AI to help you rank fast, rank higher, and optimize for SEO using advanced AI for insane SEO results &hellip;

10K 1 unpatched
Developer Profile

All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic Developer Profile

Syed Balkhi

94 plugins · 23.5M total installs

73
trust score
Avg Security Score
91/100
Avg Patch Time
795 days
View full developer profile
Detection Fingerprints

How We Detect All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/all-in-one-seo-pack/dist/vue/app.js/wp-content/plugins/all-in-one-seo-pack/dist/vue/chunks/chunk-vendors.js/wp-content/plugins/all-in-one-seo-pack/dist/vue/chunks/chunk-common.js/wp-content/plugins/all-in-one-seo-pack/assets/css/common.css/wp-content/plugins/all-in-one-seo-pack/assets/css/admin.css/wp-content/plugins/all-in-one-seo-pack/assets/css/pro.css/wp-content/plugins/all-in-one-seo-pack/assets/css/lite.css/wp-content/plugins/all-in-one-seo-pack/assets/css/upgrade-notice.css+1 more
Generator Patterns
All in One SEO
Script Paths
/wp-content/plugins/all-in-one-seo-pack/dist/vue/app.js/wp-content/plugins/all-in-one-seo-pack/dist/vue/chunks/chunk-vendors.js/wp-content/plugins/all-in-one-seo-pack/dist/vue/chunks/chunk-common.js
Version Parameters
all-in-one-seo-pack/assets/css/common.css?ver=all-in-one-seo-pack/assets/css/admin.css?ver=all-in-one-seo-pack/assets/css/pro.css?ver=all-in-one-seo-pack/assets/css/lite.css?ver=all-in-one-seo-pack/assets/css/upgrade-notice.css?ver=all-in-one-seo-pack/assets/css/blocks.css?ver=all-in-one-seo-pack/dist/vue/app.js?ver=all-in-one-seo-pack/dist/vue/chunks/chunk-vendors.js?ver=all-in-one-seo-pack/dist/vue/chunks/chunk-common.js?ver=

HTML / DOM Fingerprints

CSS Classes
aioseo-menu-new-indicatoraioseo-admin-bar-titleaioseo-metabox-tabsaioseo-seo-analysis-tabsaioseo-writing-assistant-tabsaioseo-settings-pageaioseo-settings-sectionaioseo-settings-field+1 more
HTML Comments
<!-- All in One SEO --><!-- AIOSEO -->
Data Attributes
data-aioseo-fielddata-aioseo-tabdata-aioseo-modal-titledata-aioseo-target
JS Globals
aioseoAIOSEO
REST Endpoints
/wp-json/aioseo/v1/settings/wp-json/aioseo/v1/analysis/wp-json/aioseo/v1/redirects
FAQ

Frequently Asked Questions about All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic