WordPress Captcha plugin has a backdoor.
The Wordfence blog posted an article about a WordPress Captcha plugin that has a backdoor. Their post details exactly how the exploit works.
In short, if your site is running the compromised version of this plugin, or any of the other four plugins from the same publisher, then your site can be compromised.
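To check whether a site carries other plugins from one publisher, the plugin headers can be inventoried and grouped by their `Author` field. The following is an added example, not code from the Wordfence article or from WordPress itself; the publisher name "Example Publisher", the sample folders and the function names are constructed for illustration, and the `Author` header is self-declared by each plugin, so treat a match as a lead to verify.

```python
import os
import re
import tempfile
from collections import defaultdict

HEADER_FIELDS = ("Plugin Name", "Author", "Version")

def read_plugin_header(php_path):
    """Return header fields found in the first 8 KB of a PHP file, or None."""
    with open(php_path, "r", encoding="utf-8", errors="replace") as fh:
        head = fh.read(8192)  # WordPress only scans the start of the file
    found = {}
    for field in HEADER_FIELDS:
        m = re.search(r"^[ \t/*#@]*" + re.escape(field) + r":(.*)$", head, re.M | re.I)
        if m:
            found[field] = m.group(1).strip().rstrip("*/").strip()
    return found if "Plugin Name" in found else None

def plugins_by_author(plugins_dir):
    """Map lower-cased author -> list of (folder, plugin name, version)."""
    grouped = defaultdict(list)
    for folder in sorted(os.listdir(plugins_dir)):
        path = os.path.join(plugins_dir, folder)
        if not os.path.isdir(path):
            continue  # single-file plugins are out of scope for this sketch
        for fname in sorted(os.listdir(path)):
            hdr = read_plugin_header(os.path.join(path, fname)) if fname.endswith(".php") else None
            if hdr:
                author = hdr.get("Author", "(no author header)").lower()
                grouped[author].append((folder, hdr["Plugin Name"], hdr.get("Version", "?")))
                break  # first file with a plugin header is the main file
    return dict(grouped)

def flag_publisher(plugins_dir, publisher):
    """List installed plugins whose Author header matches the given publisher."""
    return plugins_by_author(plugins_dir).get(publisher.lower(), [])

def build_sample(root):
    """Constructed sample tree: three fake plugins, two sharing a publisher."""
    sample = {"captcha-a": "Example Publisher", "forms-b": "example publisher", "gallery-c": "Someone Else"}
    for folder, author in sample.items():
        os.makedirs(os.path.join(root, folder))
        with open(os.path.join(root, folder, folder + ".php"), "w") as fh:
            fh.write("<?php\n/*\n * Plugin Name: %s\n * Author: %s\n * Version: 1.0\n */\n" % (folder, author))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        for hit in flag_publisher(root, "Example Publisher"):
            print(hit)
```

On a real site, point `flag_publisher` at a copy of `wp-content/plugins` and pass the publisher name given in the advisory you are responding to.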
Some steps a site owner can take to prevent and/or mitigate potential hacking are:
- Keep WordPress updated.
- Keep plugins updated. (See the note below.)
- Minimize the use of third-party tools such as plugins. It is impossible to completely avoid third-party tools, but webmasters should do a risk-benefit analysis before adding any such tools.
- Use a tool such as Wordfence that provides additional security for your site.
- Look at your server logs for unusual activity.
- Subscribe to at least one or two lists that monitor WordPress security.
- Have rotating backups of your site and data. ROTATING is the key word. You want to be able to go back to a point in time where the site and data are clean if you are compromised.
- Encrypt personally identifiable information.
- Updating your WordPress plugins takes your site offline temporarily – Time things accordingly.