In conjunction with many other plugin developers, we have released an update to All in One SEO Pack Pro today which patches a security vulnerability within our plugin. This vulnerability affects only users who have activated the File Editor module in All in One SEO Pack Pro. Our standard guidance is to leave this module deactivated and only activate it as and when you need to make changes to your .htaccess and robots.txt files.
You can read more information regarding this Cross-site Scripting (XSS) and the plugins affected on the Sucuri blog here.
In addition to patching this vulnerability, this release also includes changes the plugin for Taxonomy Term Splitting so that the plugin is compatible with WordPress version 4.2 which is due out very soon.
We strongly urge all users to update to the latest version of All in One SEO Pack Pro (version 18.104.22.168). Make sure you update ALL other affected plugins.
Our thanks go to Joost de Valk for identifying this vulnerability.