The host is installed with All in One SEO WordPress Plugin before 4.1.0.2 and is prone to a code injection vulnerability. A flaw is present in the plugin which fails to handle the plugin when it attempts to unserialize values of the .ini file. Successful exploitation could allow attackers to execute arbitrary code.