Ali Zulkifal | Jun 21, 2017 | 0
Hide Your Website; Popular WordPress Plug-in Goes Bad
WordPress is a mammoth of CMS platform. You have full reign to play around with the code structure and create just about anything you can imagine. The use of plug-ins takes this functionality further as you can make use of extensions made by other people, who really know the ins and outs of WordPress coding, without the need to actually know any coding. However, this isn’t always safe. There have been numerous cases where a popular and innocent looking plug-in or third party extension file contains some sort of malicious code that can cause all sorts of damage to your WordPress site. These could be free value plug-ins or even ones from legitimate developers accounts (which have either been hijacked or bought off, of course). One such case that surfaced recently is of a plug-in called “Custom Content Type Manager” that installs a backdoor through which it alters core WordPress files in an attempt to log and steal user credentials from infected sites.
“Custom Content Type Manager (CCTM)”, is a popular plugin that was made available around three years ago and currently has 10,000+ active installs, and a satisfaction rating of 4.8. It’s focus is to help create custom post types, should the standard WordPress experience be somewhat bland for you. However, the plug-in had been inactive for ten months prior to its latest update, research of which shows that the plug-in has now changed owners, and is currently under the possession of a developer called “wooranker”. You can read about how Sucuri Security, a leading security solution provider for WordPress sites, identified and reconstructed the attack here.
Given the popularity of this plug-in, there is no doubt that hundreds of sites have been affected when they unwittingly updated the plug-in as was sent out by wooranker. WordPress admins with this plug-in are advised to remove it immediately, or downgrade to version 0.9.8.6 (which is considered to be the last safe and stable version) if the CCTM plug-in is imperative for the site.