The All in One SEO Pack plugin for WordPress was updated a few days ago to patch some serious vulnerabilities. Thankfully the problem is easy to fix. All you need to do is log into your administrator area in WordPress and update the plugin in question. Here are more details about the vulnerabilities from the Sucuri blog.
If your site has subscribers, authors and non-admin users logging in to wp-admin, you are a risk. If you have open registration, you are at risk, so you have to update the plugin now. While auditing their code, we found two security flaws that allows an attacker to conduct privilege escalation and cross site scripting (XSS) attacks.