Title: This plugin creates security risks and spams code Last modified: August 24, 2016 --- # This plugin creates security risks and spams code * Resolved [ozzWANTED](https://wordpress.org/support/users/ozzwanted/) * (@ozzwanted) * [11 years ago](https://wordpress.org/support/topic/this-plugin-creates-security-risks-and-spams-code/) * I owe even a pro version, but I still see my source code (HTML output code) spammed. This also exposes security risk for hackers, who will search for vunerable version or plugins all over the internet. * This is the notes how to manually remove the spam and security risk from your plugin: * 1. Edit this file: \wp-content\plugins\all-in-one-seo-pack-pro\aioseop_class. php * 2. FIND: “version by Michael Torbert of Semper Fi Web Design"; if ( $this->ob_start_detected ) echo "ob_start_detected "; echo "[$this->title_start,$this->title_end] "; echo "-->\n"; echo "\n"; */ ``` * 3. Find the ‘\n"; ``` * 4. Now your WordPress website in spam-aware and more secure. * 5. If you don’t do this (steps 1 to 4), you will see this spam and security risk in your website HTML OUTPUT CODE: * ``` ``` * 6.If you do the steps 1 to 4, then you will have the clean HTML code in same place, and HTML will only outputs these lines: * ``` ``` * Have a good use :). * [https://wordpress.org/plugins/all-in-one-seo-pack/](https://wordpress.org/plugins/all-in-one-seo-pack/) Viewing 1 replies (of 1 total) * [Peter Baylies](https://wordpress.org/support/users/pbaylies/) * (@pbaylies) * [11 years ago](https://wordpress.org/support/topic/this-plugin-creates-security-risks-and-spams-code/#post-5962951) * Hi ozzWANTED, * I would not recommend editing the plugin in general; any changes you make will be reverted when you upgrade and will need to be applied again. If you must change the output of the plugin, then I suggest using output buffering for this instead of making edits to the plugin. * Also note that security through obscurity is not a defense against attackers; many attackers will try attacking your site without even checking the version numbers advertised – and why would they, they can’t trust that those numbers are correct. I would suggest focusing on preventing the attacks themselves; as far as version numbers are concerned, this can be more readily accomplished by upgrading to the latest version of the plugin. Viewing 1 replies (of 1 total) The topic ‘This plugin creates security risks and spams code’ is closed to new replies. * ![](https://ps.w.org/all-in-one-seo-pack/assets/icon.svg?rev=2443290) * [All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic](https://wordpress.org/plugins/all-in-one-seo-pack/) * [Frequently Asked Questions](https://wordpress.org/plugins/all-in-one-seo-pack/#faq) * [Support Threads](https://wordpress.org/support/plugin/all-in-one-seo-pack/) * [Active Topics](https://wordpress.org/support/plugin/all-in-one-seo-pack/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/all-in-one-seo-pack/unresolved/) * [Reviews](https://wordpress.org/support/plugin/all-in-one-seo-pack/reviews/) * 1 reply * 2 participants * Last reply from: [Peter Baylies](https://wordpress.org/support/users/pbaylies/) * Last activity: [11 years ago](https://wordpress.org/support/topic/this-plugin-creates-security-risks-and-spams-code/#post-5962951) * Status: resolved