Random entries I didn’t write or add, posted in ‘posts’.

  • witchyanne

    (@witchyanne)


    1 year, 8 months ago

    Since I’ve installed yoast I’ve had 1+ random posts per day show up in my ‘posts’ section and live on my site. They aren’t relevant to my site, I didn’t write or post them.

    I deleted my (very few) plugins 1 by 1 until it stopped, and the culprit is Yoast.

    I knew it was Yoast all along, because it only started when I installed Yoast.

    However, I’ve seen how people respond to any kind of critical feedback here, basically trying to gaslight users and/or tell them how it’s their fault/a different plugin/something else, so I deleted them all 1 by one, gave it 3 days, and boom when I added yoast back, SPAM.

Viewing 1 replies (of 1 total)
  • monbauza

    (@monbauza)

    1 year, 8 months ago

    Hi @witchyanne!

    Thanks for your review. We’re sorry to hear you’ve had such a bad experience with our plugin.

    First of all, we’d like to clarify that Yoast SEO doesn’t have the capabilities to publish content on your website by itself. If new posts get published on your website without your consent, your website might have been hacked.

    Please, note that we partner with Sucuri to pro-actively secure our plugins. As our plugins run on more and more sites, we have a responsibility towards our users and the web at large to make sure that we do our utmost to make sure our code doesn’t make them vulnerable.

    What does this mean to you?
    We were not the entrance point for the hack but the file where the hacker injected their malicious code. Plugin folders are easier to modify, due to their writable file permissions, when a hacker determines your site has a vulnerability.

    What should you do next?
    We recommend having your web host run an audit on your server. Once the audit is complete, your web host will make appropriate recommendations on fixing and securing your site.

    What should you do after the hack has been cleaned up?
    Our SEO experts wrote an article covering the five things you should do right after you find your site to be hacked. You can read it here: 5 things to do after a hack

    Here are a few more articles we recommend reading:

    WordPress.org’s FAQ My site was hacked
    Sucuri’s How to Clean a WordPress Hack
    WPBeginner’s 11 Top Reasons Why WordPress Sites Get Hacked (and How to Prevent it)

Viewing 1 replies (of 1 total)
  • The topic ‘Random entries I didn’t write or add, posted in ‘posts’.’ is closed to new replies.