Support » Plugins and Hacks » Yak Plugin Exploit. Yuk!!!

Viewing 7 replies - 1 through 7 (of 7 total)
  • @mercime

    (@mercime)

    Volunteer Moderator

    Curious. How do you know that the exploit was caused by the plugin?

    Because it is the only plugin I have installed!!!!!

    what what version of WP are you using?

    I’ve had friends sites hacked and it appears to have been a brute force attempt at guessing the login (admin for sure, then what next…..)

    There are a number of ways of preventing this – change admin via DB to something else, use login/lockdown etc. i have listed a bunch of ideas on my site.

    Interesting that rather than contacting the author of the plugin, you post a message here first. Also interesting, is that in a good couple of years of people using YAK, no one has posted anything about any exploits like this. Nor have they contacted me directly about it.

    I’m using YAK in many of my sites.
    It’s a very great plugin (easy to understand and use).

    There maybe an exploit, but I don’t think you can say that it’s caused by the plugin just with the

    Because it is the only plugin I have installed!!!!!

    .

    I’m not about to drop my consideration for this plugin because some *bleep that “keeps forgetting his passwords” got his admin account “hacked”. Assumptions do more bad than good. No proof it was thru this plugin means maybe you dropped one of your “Don’t forget the password of my big new ecommerce site is “password”..” yellow sticky note!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Yak Plugin Exploit. Yuk!!!’ is closed to new replies.