Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 04-16-2019, 03:27 AM   #1
cordoba
Confirmed User
 
Join Date: Feb 2010
Posts: 1,091
Heads Up - Wordpress Plugin YUZE Related Posts Hacked

Woke up this morning to find one of my most important wordpress blogs was redirecting affiliate links to malware. After various attempts at a quick fix I did a Google search and discovered that it was a recent mass hack of the YUZE related posts plugin. Some twat 'security researcher' had discovered a vulnerability in the plugin and then published the code online instead of informing the makers of the plugin.

I know a lot of you with wordpress blogs will be using that plugin. Apparently 60,000 have been affected already. Anyway, removing the plugin seems to have worked, although the patched up version of it still isn't available and there doesn't seem to be any decent alternative listed in the WP library (YARPP isn't showing in the WP plugin library - maybe they are waiting to see if that shared the same vulnerability?).

https://www.zdnet.com/article/mailgu...rdpress-sites/
cordoba is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 04-16-2019, 06:37 AM   #2
blackmonsters
Making PHP work
 
blackmonsters's Avatar
 
Industry Role:
Join Date: Nov 2002
Location: 🌎🌅🌈🌇
Posts: 20,136
Thanks for letting everyone know.
You are doing what this site was made for and there are plenty of webmasters here who
appreciate you taking the time to post and inform us about this.


__________________
You mad as fuck because you suck.
You have no life.

blackmonsters is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 04-16-2019, 08:20 AM   #3
babeterminal
Confirmed User
 
Industry Role:
Join Date: Jul 2010
Location: tits
Posts: 2,751
is it this one ? i was using this a few months back its not showing up on wordpress

yet-another-related-posts-plugin.4.4
__________________
*SIG SPOT SEND MESSAGE IF INTERESTED*
babeterminal is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 04-16-2019, 11:09 AM   #4
j3rkules
VIP
 
j3rkules's Avatar
 
Industry Role:
Join Date: Jul 2013
Posts: 22,105
Now it's also Social Warfare and Easy WP SMTP.
j3rkules is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
plugin, wordpress, library, yuze, discovered, vulnerability, blogs, posts, related, version, apparently, 60, 000, removing, affected, patched, waiting, shared, decent, yarpp, listed, alternative, online, malware, links, attempts



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.