I wrote a post yesterday in another category and thought I’d update you here in this category. This is important information and I don’t want anyone to miss it. To get caught up with what’s going on with the Yuzo Related Posts plugin hack, please read through this post and then return here.
Okay, I’ve been doing a bit more research on this topic. As you know, one of my blogs was hacked on April 19, 2019 and because of this hack, it began redirecting to some spammy websites. Most notably DoNotifyFriends[dot]info, BeMyLittleTeddy[dot]info and Gearbest[dot]com. After reading a very well written description of what went down on the WordFence blog, I now have a clear picture of what occurred.
Apparently, the Yuzo plugin was removed from the WordPress plugin directory in late March because of a vulnerability in their coding (stored cross-site scripting (XSS) that went unattended to. When there’s a vulnerability in a plugin’s code, this is what WordPress does. They remove it from the directory. Unfortunately, even though the plugin was removed, no one who had it installed had any way of knowing there was an issue. Anyway, there was some sloppy coding, WordPress got rid of the plugin and for some strange reason, someone out there decided to announce to the world, and the hacker, what the exact vulnerability was. When the hacker heard this, they went ahead and created some malicious code and then crawled the web to locate the over 60,000 users of this plugin. Once they did that, they injected malicious JavaScript into one of the files up the plugin, causing the redirect. As you know, finding the actual problem file is the toughest thing to deal with when attempting to repair a hacked website. It’s been suggested that anyone who has this plugin installed on their website remove it immediately. Don’t just disable it, remove it entirely.
To read more on this topic, please take a look at these posts and reply down below if you have any questions or to let us know about what happened to your own website or blog.
Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild
Your WP Site Got Hacked? Thank Yuzo Related Posts (And YellowPencil?) Plugin
Leave a Reply