WordPress Three Plugins Backdoored to Attack

By: Prem Tiwari | Last Updated: | In: WordPress Security


In the past month December 2017, WordPress has closed three plugins and banned their Authors permanently from WordPress.org directory because of they contained content-injection backdoors. In this post, I will explain about the WordPress Three Plugins Backdoored to Attack WordPress sites by content-injection backdoors.

WordPress Three Plugins Backdoored to Attack

WordPress Three Plugins Backdoored to Attack

Each of plugins is purchased from the previous developer and then they injection backdoors to get the access to their site data. Below is the list of those WordPress plugins:

1) Plugin Name: Duplicate Page and Post

URL: https://wordpress.org/plugins/duplicate-page-and-post/
Active Installs: 50,000+
Current Owner: pluginsforwp (joined WordPress.org July 10, 2017)
Sold Date: August 2017
Removed from WordPress.org date: December 14, 2017


2) No Follow All External Links

URL: https://wordpress.org/plugins/nofollow-all-external-links/
Active Installs: 9,000+
Current Owner: gearpressstudio (joined WordPress.org March 17, 2017)
Sold Date: April 2017
Removed from WordPress.org date: December 19, 2017


3) WP No External Links

URL: https://wordpress.org/plugins/wp-noexternallinks/
Active Installs: 30,000+
Current Owner: steamerdevelopment (joined WordPress.org June 29, 2017)
Sold Date: July 12, 2017
Removed from WordPress.org date: December 22, 2017

Conclusion

If you are still using any of above plugins on your website, then I recommend you to remove them immediately. After that scan your site with Antivirus.

I hope you found this tutorial helpful! Please do like & share this tutorial with your friends and don’t forget to subscribe this blog to get all future updates directly in your email box.


About: Prem Tiwari

Prem Tiwari is the founder of FreeWebMentor.com and also a professional developer who has vast experience in PHP and open source technologies. Apart from this, he is a blogger by hobby and also he has been a regular speaker of WordPress sessions in various IT Companies.


Tags: , , , , , ,