• About
  • Write For Us
  • Contact
  • Top 50 Photography Blogs
  • Resources
  • Forum

IndustryDev

  • Design
    • Photoshop
    • Lightroom
    • Camera Raw
    • Bridge
  • Development
    • HTML
    • CSS
    • Javascript
    • PHP
    • Dev Tools
    • WordPress
  • Photography
  • Blogging
  • Technology
  • Inspiration
You are here: Home / Wordpress / Website Hacked Because of Yuzo Related Posts Plugin

Website Hacked Because of Yuzo Related Posts Plugin

April 22, 2019

I wrote a post yesterday in another category and thought I’d update you here in this category. This is important information and I don’t want anyone to miss it. To get caught up with what’s going on with the Yuzo Related Posts plugin hack, please read through this post and then return here.

WordPress Website Hacked and is Now Redirecting

Okay, I’ve been doing a bit more research on this topic. As you know, one of my blogs was hacked on April 19, 2019 and because of this hack, it began redirecting to some spammy websites. Most notably DoNotifyFriends[dot]info, BeMyLittleTeddy[dot]info and Gearbest[dot]com. After reading a very well written description of what went down on the WordFence blog, I now have a clear picture of what occurred.

Apparently, the Yuzo plugin was removed from the WordPress plugin directory in late March because of a vulnerability in their coding (stored cross-site scripting (XSS) that went unattended to. When there’s a vulnerability in a plugin’s code, this is what WordPress does. They remove it from the directory. Unfortunately, even though the plugin was removed, no one who had it installed had any way of knowing there was an issue. Anyway, there was some sloppy coding, WordPress got rid of the plugin and for some strange reason, someone out there decided to announce to the world, and the hacker, what the exact vulnerability was. When the hacker heard this, they went ahead and created some malicious code and then crawled the web to locate the over 60,000 users of this plugin. Once they did that, they injected malicious JavaScript into one of the files up the plugin, causing the redirect. As you know, finding the actual problem file is the toughest thing to deal with when attempting to repair a hacked website. It’s been suggested that anyone who has this plugin installed on their website remove it immediately. Don’t just disable it, remove it entirely.

To read more on this topic, please take a look at these posts and reply down below if you have any questions or to let us know about what happened to your own website or blog.

Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild

Your WP Site Got Hacked? Thank Yuzo Related Posts (And YellowPencil?) Plugin

Related posts:

  1. WordPress Theme & Plugins Installed On This Website
  2. New Website SEO Checklist
  3. WordPress Website Hacked and is Now Redirecting
  4. Looking For an Ad Placement Plugin That Can Post Between Excerpts
  5. Looking For a Good Recent Comments Plugin For WordPress

Filed Under: Wordpress

What’s Next? Email Updates!

If you enjoyed reading this post, why not consider signing up to receive others like it by email? It's so easy and you can unsubscribe at any time.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Connect With Me

  • Facebook
  • Instagram
  • Pinterest
  • RSS
  • Twitter

MOST POPULAR POSTS

  • How to Set the Photo Quality in your Canon Rebel DSLR Camera Before participating in any type of photo shoot, it's i...
  • How to Adjust the Mouse Click & Scroll Settings in Windows 10 I's say this is one of the very first settings I ed...
  • How to Export Video From Adobe Photoshop When it comes to exporting and rendering video clips, t...
  • How to Apply an Adjustment to Only One Layer in Adobe Photoshop The answer is clipping. I'll tell you that right up fro...
  • How to Speed Up & Slow Down Video in Adobe Photoshop This is one of those posts that's going to be super hel...
  • Cutting Out a Shape From a Shape in Adobe Photoshop I've been using shapes for various things in Adobe Phot...
  • How to Set the Self Timer On Your Canon Rebel DSLR Camera Camera self timers are great. I was recently part of a...
  • Animating Scale, Rotation & Opacity in Adobe Photoshop I sat down a few days ago and started messing around in...
  • 3 Ways to Close Applications in Windows 10 This is going to be a very quick post because the topic...
  • How to Set Your Canon Rebel Camera For Continuous Shooting Continuous Shooting mode is very important for those wh...

Recent Comments

  • angelica blanco on How to Organize Video & Audio Project Files for Adobe Photoshop
  • pete salomone on Downloading Photos From a Digital Camera Using Adobe Bridge
  • cdn on How To Create a Slideshow For Your Lock Screen in Windows 10
  • Jay Gaulard on How to Set Your Canon Rebel Camera For Continuous Shooting
  • Deb on How to Set Your Canon Rebel Camera For Continuous Shooting

Copyright © 2021 · IndustryDev.com Web Design & Photography Blog · About · Write For Us · Contact · Privacy / Terms · Sitemap