Sorry for setting up another wordpress.org account - I keep forgetting my passwords.
Now I'm trying Yak and somebody gained access to my administration account. What the hell is wrong with WordPress plugins!!!
Yak Plugin Exploit. Yuk!!! (8 posts)
-
netpup007
Posted 10 months ago # -
mercime
Posted 10 months ago #Curious. How do you know that the exploit was caused by the plugin?
-
Posted 10 months ago #Because it is the only plugin I have installed!!!!!
-
what what version of WP are you using?
-
anmari
Posted 9 months ago #I've had friends sites hacked and it appears to have been a brute force attempt at guessing the login (admin for sure, then what next.....)
There are a number of ways of preventing this - change admin via DB to something else, use login/lockdown etc. i have listed a bunch of ideas on my site.
-
jrbriggs
Posted 9 months ago #Interesting that rather than contacting the author of the plugin, you post a message here first. Also interesting, is that in a good couple of years of people using YAK, no one has posted anything about any exploits like this. Nor have they contacted me directly about it.
-
anassirk
Posted 9 months ago #I'm using YAK in many of my sites.
It's a very great plugin (easy to understand and use).There maybe an exploit, but I don't think you can say that it's caused by the plugin just with the
Because it is the only plugin I have installed!!!!!
. -
atQuest
Posted 2 months ago #I'm not about to drop my consideration for this plugin because some *bleep that "keeps forgetting his passwords" got his admin account "hacked". Assumptions do more bad than good. No proof it was thru this plugin means maybe you dropped one of your "Don't forget the password of my big new ecommerce site is "password".." yellow sticky note!
Reply
You must log in to post.
