This week’s #searchdrop highlights a new exploit found in the All in One SEO Pack, recommends ways to optimise PDFs for SEO, and discusses the new features available to responsive ads!
The All in One SEO pack is a versatile SEO plugin used on a host of WordPress sites and was likely considered the dominant SEO plugin until Yoast’s arrival. A recent finding by the team at WordFence has highlighted however there is a vulnerability that allows would-be hackers to access and take full control of your site via the use of a “Cross-Site Scripting Vulnerability”.
This is a vulnerability in an area where a user may input or upload data such as comments or picture uploads. These areas need to be scanned for malicious scripts before a connection is made.
The vulnerability in the plugin relates to the SEO title and meta description upload section, and requires the hacker to already have access to a user with posting privileges. From this section (with the relevant user permissions already gained) the hacker can implement scripts to take control, damage, or infect other users.
The first thing to do is to make sure that your site isn’t already compromised. This can be done in Google search console (if Google has picked up the issue), by a review of the time code or using plugins like WordFence. Secondly, you should update your All In One SEO Pack plugin as the issue is only seen in version 3.61 (and previous versions) of the plugin. This should help to protect you against this vulnerability.
Finally, it could be worth considering the wider security of your site using tools like Mozilla Observatory and working with a developer to implement the recommended security headings.
For more on this story see this article here.
Google has been making some additions and improvements to responsive search ads. If you weren’t already aware, responsive search ads let you create an ad that adapts to serve more relevant messages to your customers, thus improving conversions. Over time, Google Ads automatically tests different combinations and learns which performs best.
So, what are these new additions? You can now include a countdown feature on your responsive search ad that allows the advertiser to enter the end date of a promotion, adjustable to any time zone (e.g. Promo ends in 24 hours).
They have also added a location extension insertion. This essentially allows the advertiser to insert a placeholder telling Google to display the city, state or country based on where the potential customer is searching from to further tailor the messaging.
And lastly, the responsive search ads recommendations have been expanded with COVID-19 in mind, letting you add suggestions such as contactless delivery, extended returns and scheduled pick ups.
However, there is SEO value in PDFs as supporting content to a product page. For example, having well-optimised PDFs can be important for things like technical specification downloads. There are also going to be occasions where a PDF is the only piece of content you’re able to provide to rank for a term and as such leveraging everything you can to better performance is vital.
Here are some of the best ways to optimise your PDFs:
For more on PDFs optimisation check out a recent article from Ahefs.