WordPress.org Forces pasword change on detecting backdoor on plugins

Comment

Yesterday a blogpost on wordpress.org reported to have found some suspecious commits on popular plugins.AddThis, WPtouch, and W3 Total Cache were the ones.They were found to have cleverly disguised Backdoors.Wordpress.org said that the authors were not responsible for those and sent updates to plugins.

As nothing is known on what happened, wordpress.org, bbPress.org and BuddyPress.org would require you to change your password to use the forums, trac, or commit to a plugin or theme, for security.

As a user, make sure to never use the same password for two different services, and we encourage you not to reset your password to be the same as your old one.Matt Mullenweg said on WordPress blogpost.

Also if you use AddThis, WPtouch, or W3 Total Cache there is a possiblity that you could have updated to the affected version of the plugin.So you are advised to upgrade now to the latest available version.Always keep your WordPress installation and plugins updated.Stay Safe!

You may also want to know more simple ways to secure your WordPress site.

Stay updated with such news.Subscribe to our newsletter. Share your views in comments!

Tharun Venkatesan

Author

Tharun Venkatesan

Tharun is a bit attracted towards computers and stuff.He loves to blog,share and know more about computers and technologies.He shares what he feels is something good on this site...Stay connected.
Tharun is on: Facebook , Google+ , Twitter

Up Next

Related Posts

3 comments
Ana
Ana

Big thanks for warning

TechGopal
TechGopal

ohhh really useful info...
thanxx for sharing.......

Olawale Daniel
Olawale Daniel

Good info, it comes handy for me because I love to secure my website. thanks for sharing :)