Month: January 2018

How To Tell If Your Site Might Be Hacked

Author wefightforsecurityPosted on January 3, 2018Categories information security

You don’t have to be an expert to be able to tell if your site has been hacked, so listed below are possible ways to see if you have a hacked site.

  • Your site traffic suddenly plummets for no known reason. If your site is hacked, this is due to services, like Google flagging your site as dangerous.
  • Your site has pages you didn’t put there and have information you wouldn’t want on your site. If you are the only person who is supposed to have access to your site, then you were most likely hacked.
  • Your search results in Google have words you didn’t put there that have nothing to do with your site. You most likely were hacked.

Those are just a few ways to see if your site has been hacked without any expertise in reviewing code, but by this point it is too late, since you’ve already been hacked. Preventing hacks from happening is the best solution and that is by hiring professional security companies, like ourselves.

 

WordPress Plugin Redirect Editor 1.3 Exploitable — Update to 1.5.1.1

Author wefightforsecurityPosted on January 3, 2018Categories Uncategorized

The WordPress Plugin redirect editor was unlisted due to security issues in version 1.3. Thanks to help from the WordPress plugin security team and the former owner of redirect editor we were able to patch the plugin and take over the responsibility of maintaining the WordPress plugin redirect editor and we have been doing so. Unfortunately, more people are using the outdated exploitable versions than of those who are using the updated versions. Our first release was in the 1.4  branch, which had a ton of patches.  Unfortunately, 37 percent of users still use Redirect editor 1.3, which we find quite unfortunate, since we did not have control of the code back then and because we will be releasing  more information on the vulnerabilities affecting 1.3 and below in the near future.

 

Why release information on vulnerabilities in a WordPress plugin you now maintain?

Because people deserve to know what the heck is actually in the old software before we maintained it that makes the old versions in our professional opinion to insecure to safely use. If anyone finds an issue in the version we currently maintain, we will patch it ASAP.  If you are using the WordPress plugin redirect editor and are using 1.3 or below, you need to update immediately for the safety of your site.

 

If you have a WordPress plugin and are unable to maintain it, please contact us since we are always adopting plugins.