There is a vulnerability in WordPress SEO by Yoast. This is a CSRF vulnerability so is harder to exploit because it requires tricking an admin into loading a link from their own website where they’re logged in.

However it’s serious enough that we’re sending out an alert. Yoast has released a fix, so upgrade immediately. It’s worth noting that this is getting a lot of press, so awareness among hackers of this issue is spreading quickly. So please upgrade at your earliest convenience.