Easy Career Openings Plugin | WordPress.org

jlhoyt60
(@jlhoyt60)

10 years, 8 months ago

One of our websites was hacked last night, 8/28/2013. The hosting company narrowed it down to malicious coding that was added to a plugin called ‘easy-career-openings’, which was uploaded to the site through WordPress.org. The entire site was wiped out and replaced with garbage links and tables. We implemented a 3-attempt login lockout, but that didn’t stop the hackers. When they couldn’t get in by changing our username/password, they went in through a weak plugin.

Question: who at WordPress.org vets the plugins that are available through them?

Viewing 1 replies (of 1 total)

esmi
(@esmi)

10 years, 8 months ago

The hosting company narrowed it down to malicious coding that was added to a plugin called ‘easy-career-openings’

This does not mean that the plugin was to blame. You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Anything less will probably result in the hacker walking straight back into your site again.

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

Viewing 1 replies (of 1 total)

The topic ‘Easy Career Openings Plugin’ is closed to new replies.

In: Fixing WordPress
1 reply
2 participants
Last reply from: esmi
Last activity: 10 years, 8 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics