Title: Custom Content Type Manager
Author: fireproofsocks
Published: <strong>November 27, 2010</strong>
Last modified: March 5, 2016

---

Search plugins

![](https://s.w.org/plugins/geopattern-icon/custom-content-type-manager_c9c790.svg)

# custom-content-type-manager

 * [Details](https://wordpress.org/plugins/custom-content-type-manager/#description)
 * [Reviews](https://wordpress.org/plugins/custom-content-type-manager/#reviews)
 * [Development](https://wordpress.org/plugins/custom-content-type-manager/#developers)

 [Support](https://wordpress.org/support/plugin/custom-content-type-manager/)

## Description

This plugin has been closed as of March 7, 2019 and is not available for download.
This closure is permanent. Reason: Author Request.

## Reviews

![](https://secure.gravatar.com/avatar/90cd76e77720ded124555c90cb081bf424e1ee4d0d698c87a6682dd21430c419?
s=60&d=retro&r=g)

### 󠀁[They are correct…Don't get it, or anything by this author](https://wordpress.org/support/topic/they-are-correctdont-get-it-or-anything-by-this-author/)󠁿

 [donnaWPadmin](https://profiles.wordpress.org/donnawpadmin/) September 3, 2016

And even if it gets fixed, I recommend staying away from anything this author writes
in the way of code…malicious once, malicious definitely will be again…no doubt. 
You can’t change a person’s character or integrity…it requires people to stand for
something even when it’s again self best-interest…and if someone does something 
like this once, more than the incident itself, it is a revelation of that person’s
character, so the chances are that very great that they will do it again, maybe 
not today, this week, or even this year…but they will. It’s what they value in the
world…taking advantage of people. Proving they are smarter…vanity, greed, power;…
or whatever the reason they have corrupt values, that’s in fact what they have. 
And if he comes up with an excuse, …you don’t write malicious code and get it accepted
by WordPress on ‘accident’ . The article: [ link redacted, please do not post links
in reviews ] (if the link doesn’t get removed)

![](https://secure.gravatar.com/avatar/327da942e9592e59753230ebbfaba1becc14e08c65b5b383e5c3de4d78168be4?
s=60&d=retro&r=g)

### 󠀁[Malicious Plugin](https://wordpress.org/support/topic/malicious-plugin-1/)󠁿

 [davidbcoleman](https://profiles.wordpress.org/davidbcoleman/) September 3, 2016

The fine people at Wordfence have warned that a backdoor was added to the Custom
Content Type Manager plugin by a malicious coder who gained access to the plugin
code in the official WordPress plugin repository. According to Wordfence, It’s unclear
whether the plugin author’s credentials were stolen or whether the malicious actor
was granted access. The WordPress security team removed the malicious user account
that added the backdoor to the plugin. They have also removed all malicious code
that was added to the plugin and updated the version number so that users running
this plugin will be prompted to upgrade.

![](https://secure.gravatar.com/avatar/576707ce4162eee1f2099133cc049cb832e5786bc6cff03e2454bf14fc71c5b3?
s=60&d=retro&r=g)

### 󠀁[WARNING Do not use this plugin!](https://wordpress.org/support/topic/warning-do-not-use-this-plugin-2/)󠁿

 [Nic Beltramelli](https://profiles.wordpress.org/nicolabeltramelli/) September 
3, 2016

It comes with a Backdoor through which can log and steals site admin credentials.
It should be removed from the official WordPress Plugin Directory. Read here Sucuri’s
investigation report.

![](https://secure.gravatar.com/avatar/d8cd11cf5736c0329e9993c2329cb50c2befeffc6930de506a37719288330053?
s=60&d=retro&r=g)

### 󠀁[Lost confidence of author/plugin](https://wordpress.org/support/topic/lost-confidence-of-authorplugin/)󠁿

 [Stockholm](https://profiles.wordpress.org/hasse2016/) September 3, 2016

First I read about a backdoor in the plugin. https://blog.sucuri.net/2016/03/when-
wordpress-plugin-goes-bad.html Then I read the authors profile: Samuel Wood (Otto)
Interests: WordPress, Beer, Hacking, Homebrewing You like homebrewed beer and hacking?
A dangerous combo 🙂

![](https://secure.gravatar.com/avatar/94c03a0d2582fdb6fdfaf70ea03ba6aaf2fbf937ec0fd0de6925661e309b5237?
s=60&d=retro&r=g)

### 󠀁[Security Risk](https://wordpress.org/support/topic/security-risk-9/)󠁿

 [armahi](https://profiles.wordpress.org/armahi/) September 3, 2016

http://betanews.com/2016/03/05/wordpress-plug-password-backdoor/

![](https://secure.gravatar.com/avatar/529a640b0a3e3801381194a09536e47c76e7275b45305d95c098cf76ed96b8c2?
s=60&d=retro&r=g)

### 󠀁[SECURITY THREAT](https://wordpress.org/support/topic/security-threat-1/)󠁿

 [jacraven](https://profiles.wordpress.org/jacraven/) September 3, 2016 1 reply

AVOID AT ALL COSTS http://news.softpedia.com/news/popular-wordpress-plugin-comes-
with-a-backdoor-steals-site-admin-credentials-501383.shtml “Custom Content Type 
Manager version 0.9.8.8 contains malicious code As Sucuri’s investigation revealed,
in the past two weeks, the plugin that looked like an abandoned project for the 
last 10 months, mysteriously changed owner, and immediately after, the new developer,
named wooranker, updated the plugin and pushed out a new version. All the changes
he made to the plugin were of a nefarious nature. First, there was the addition 
of the auto-update.php file, which included the ability to download files from a
remote server on the infected website. Additionally, wooranker also added the CCTM_Communicator.
php file, which worked together with another, older, legitimate plugin file. The
purpose of these two files was to ping wooranker’s server about the presence of 
a newly infected site. Besides gathering info on the victim’s site, this plugin 
also tapped into the WordPress login process and recorded usernames and the password,
albeit in encrypted format, sending the data to the wordpresscore.com server.”

 [ Read all 49 reviews ](https://wordpress.org/support/plugin/custom-content-type-manager/reviews/)

## Contributors & Developers

“Custom Content Type Manager” is open source software. The following people have
contributed to this plugin.

Contributors

 *   [ fireproofsocks ](https://profiles.wordpress.org/fireproofsocks/)

[Translate “Custom Content Type Manager” into your language.](https://translate.wordpress.org/projects/wp-plugins/custom-content-type-manager)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/custom-content-type-manager/),
check out the [SVN repository](https://plugins.svn.wordpress.org/custom-content-type-manager/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/custom-content-type-manager/)
by [RSS](https://plugins.trac.wordpress.org/log/custom-content-type-manager/?limit=100&mode=stop_on_copy&format=rss).

## Meta

 *  Version **0.9.8.9**
 *  Last updated **8 years ago**
 *  Active installations **N/A**
 *  WordPress version ** 3.3.0 or higher **
 *  Tested up to **4.2.39**
 *  [Advanced View](https://wordpress.org/plugins/custom-content-type-manager/advanced/)