Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin. When this plugin was removed from the official WordPress Plugin directory, the authors revived another WordPress account with a long abandoned plugin and uploaded SweetCaptcha as a “new version” of that plugin. InRead […]
Tag Archives: plugin
Bogus Mobile-Shortcuts WordPress Plugin Injects SEO Spam
Here at Sucuri we see countless cases of SEO spam where a website is compromised in order to spread pharmaceutical advertisements or backlinks to sites selling luxury goods. Most of the time this involves injecting hundreds of spam links into the site’s database but in this case a deceptive, fake plugin called mobile-shortcuts was able […]
Ask Sucuri: Who is logging into my WordPress site?
Today, we’re going to revisit our Q&A series. If you have any questions about malware, blacklisting, or security in general, send them to us at: [email protected]. For all the “Ask Sucuri” answers, go here. Question: How do I know who is logging into my WordPress site? Answer: One of the most basic and important security […]