What's new

Security Vulnerability in Custom Content Type Manager WP plugin Major Backdoor!

Christopher

Top Contributor
A dormant plugin "Custom Content Type Manager WP plugin" recently changed hands, but with the change of ownership came the push out of malicious updates.
If you have this plugin, remove it immediately and seek professional help about cleaning up your site.

The plugin, pushed out some updates that make sure the attacker can record usernames and passwords created, create new users, and control your WordPress site.

Even if you don't own this plugin, read the article, because this could happen to any other dormant plugin you have on your site.

http://news.softpedia.com/news/popu...or-steals-site-admin-credentials-501383.shtml
 

Christopher

Top Contributor
Thanks for the tip, are there any other plugins or types of plugins we should all avoid ?
Yes Cooper, you can start by adding this plugin to your site temporarily (If you wish, or long term),
https://wordpress.org/plugins/plugin-vulnerabilities/
It has a repository of vulnerable plugins, that are known that the plugin author hasn't patched yet. By installing this plugin, you can scan your set of plugins to see if you have one of them. If so, look for alternatives that are maintained, or delete the bad plugins from your site.
 

Christopher

Top Contributor
Thanks Chris, what do you think of this similar plugin ?
I haven't used that plugin before, but with security you need daily or every few days to be updated, with the latest vulnerabilities. The plugin you suggest is 3 months old, with 7 reviews, 2000 active installs, and one author. Compare that to https://wordpress.org/plugins/plugin-vulnerabilities/ which has 9 reviews, 4000 active installs, and updated 2 days ago, and one author. I then look at the change log. each time the plugin I suggested is updated, they update the list of vulnerable plugins, as well as improve the plugin. The other, just improves his plugin.

If you want to see plugins that have been exploited you have to visit sites that specialise in exploiting peoples software. Its not recommended to visit them from your standard Ip, be sure that you are running your connection through a proxy vpn, and have your own personal firewalls in place. Also visit using incognito mode. we don't know what they're tracking or what cookies they are inserting into your computer. A site you can look at is www.exploit-db.com, just know that anything for WordPress core has all ready been fixed, as they monitor sites like these, its just plugins and themes, that may not be on top of their patches. And users that don't update their sites, are always at risk, and usually fall victim to this kind of thing.
 

Community sponsors

Domain Parking Manager

AddMe Reputation Management

Digital Marketing Experts

Catch Expired Domains

Web Hosting

Members online

No members online now.

Forum statistics

Threads
11,098
Messages
92,044
Members
2,394
Latest member
Spacemo
Top