Home Forums WordPress, blogging, SEO Beware of plugins – you won't believe this!

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #2727 Reply

    You might think that websites get hacked through the WordPress login and some do, but a much bigger problem is themes and plugins. We don’t know what code is in a plugin or theme, or what it is doing and we assume that everything is OK. It may not be.

    Here is an interesting story from Wordfence that discovered some strange code in a theme and plugin from Pipdig. It had code that enabled admin backdoors into your site, had the power to delete your site, and could have been used to attack competitor’s sites.

    There is no evidence any of this was actually happening to anyone, but why would they put in the code to do this?

    Read this article on the Wordfence website.

    Skip the technical talk about the code, you won’t understand it unless you are a developer, but there is enough plain English here to understand what is going on, and it is weird.

    It makes you wonder whether Pipdig is trustworthy. It also makes you wonder what other theme and plugin developers are hiding in their code.

    #2747 Reply

    The story continues and Pipdig’s activities have become even more questionable, making a bad situation even worse.

    Given what Wordfence says in the latest post, I would not recommend using any WordPress theme or plugin by Pipdig.

Viewing 2 posts - 1 through 2 (of 2 total)
Reply To: Beware of plugins – you won't believe this!
Your information: