Heads Up - Wordpress Plugin YUZE Related Posts Hacked

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • cordoba
    Confirmed User
    • Feb 2010
    • 1363

    #1

    Tech Heads Up - Wordpress Plugin YUZE Related Posts Hacked

    Woke up this morning to find one of my most important wordpress blogs was redirecting affiliate links to malware. After various attempts at a quick fix I did a Google search and discovered that it was a recent mass hack of the YUZE related posts plugin. Some twat 'security researcher' had discovered a vulnerability in the plugin and then published the code online instead of informing the makers of the plugin.

    I know a lot of you with wordpress blogs will be using that plugin. Apparently 60,000 have been affected already. Anyway, removing the plugin seems to have worked, although the patched up version of it still isn't available and there doesn't seem to be any decent alternative listed in the WP library (YARPP isn't showing in the WP plugin library - maybe they are waiting to see if that shared the same vulnerability?).

    https://www.zdnet.com/article/mailgu...rdpress-sites/
  • blackmonsters
    Making PHP work
    • Nov 2002
    • 20990

    #2
    Thanks for letting everyone know.
    You are doing what this site was made for and there are plenty of webmasters here who
    appreciate you taking the time to post and inform us about this.


    Your neighbor will murder you with frogs
    Click here

    Comment

    • babeterminal
      Confirmed User
      • Jul 2010
      • 2751

      #3
      is it this one ? i was using this a few months back its not showing up on wordpress

      yet-another-related-posts-plugin.4.4
      *SIG SPOT SEND MESSAGE IF INTERESTED*

      Comment

      • j3rkules
        VIP
        • Jul 2013
        • 22101

        #4
        Now it's also Social Warfare and Easy WP SMTP.

        Comment

        Working...