Possible WP Plugins That Are Security Risks?

by AceOfShirts

Posted: 15 years ago 2 replies

INTERNET MARKETING

I was looking at the AWStats for one of my sites. I noticed a couple of 404 errors so I looked to see what they were. A couple of them were readme files for WP Plugins I don't have installed, and have never used. Here are the errors:

/wp-content/plugins/connections/readme.txt

/wp-content/plugins/backwpup/readme.txt

They were also searches for

crossdomain.xml (which I have never used or heard of)

Who would be looking for or linking to a plugin readme file? My first guess is hackers trying to see if I have a vulnerable plugin installed.

Any other ideas?

#plugins #risks #security

lotsofsnow 15 years ago

That sounds about right.

Somebody tries to exploit a vulnerability that he or she found in a piece of code and then they try to find sites that have these plugins installed.

HP
- [ 1 ] Thanks
Signature

Call Center Fuel - High Volume Data
Delivering the highest quality leads in virtually all consumer verticals.
{{ DiscussionBoard.errors[4421591].message }}
Istvan Horvath 15 years ago

Yep, both those plugins had security issues.

I guess a script was checking the readme file because people usually upload everything - including the readme files - to their sever. If the file is present... the blog can be hacked, since they knew exactly what the vulnerabilities were. They just had to check if the plugin is installed
- [ 1 ] Thanks
Signature
{{ DiscussionBoard.errors[4421620].message }}

Trending Topics

17 {{ upvoteCount | shortNum }}

Is sleep overrated ??

discrat 1 week ago in Off Topic

i know it is important, vitally important. But the mantra that you must get at least 8 hours of solid sleep a night is a notion perpetuated by the media, ... [read more]

9 Replies
Share
9 {{ upvoteCount | shortNum }}

How to make affiliates sell my product??

50DoRo 3 days ago in Internet Marketing

Hi everyone, I'm a new vendor. I just created my first product, and I haven't made an offer on w+ yet, and I seek advice on how to attract affiliates ... [read more]

4 Replies
Share
17 {{ upvoteCount | shortNum }}

;) Why Mystify Intelligence? It's Not Magic. It's Mechanics. :D

Marx Vergel Melencio 1 week ago in AI

We've all seen it. Someone starts talking about "true intelligence" as if it's a gift handed down by Zeus himself. When people talk about a mystified definition of intelligence, they're ... [read more]

8 Replies
Share
18 {{ upvoteCount | shortNum }}

Do backlinks from old pages lose value if the page is never updated?

OptiRank 3 weeks ago in Beginners Area

Hi everyone, I have a question about backlinks from older pages. Let's say you get a backlink from an article that was published a few years ago. The page is ... [read more]

7 Replies
Share
4 {{ upvoteCount | shortNum }}

Agency level tools?

Will Evans 1 week ago in Web Design

We run/manage multiple client websites (mainly WordPress) and found that the post-launch side of agency work often gets scattered across too many places: Trello for tasks, spreadsheets for renewals, email ... [read more]

3 Replies
Share

Advertise with Us