There is a serious stored XSS vulnerability in All in One SEO Pack versions 2.3.6.1 and older that we expect to have widespread impact. It allows a remote attacker to take full control of a WordPress website by sending malicious HTTP headers to any URL on the target site.
If you’re unsure if this affects you, please give us a ring on 02380 988 977 to discuss your options.