Security Update: Fake SEO Plugin Infects 4000 WordPress Sites | AWESEM

In the last couple of days a story has broken about a fake WordPress plugin that has infected up to 4000 WordPress sites. The plugin in question is named WP-Base-SEO and masquerades as an SEO plugin, so convincingly that it is overlooked by security scans. However, the plugin infects sites with malware by creating a backdoor and has so far preyed on up to 4000 unsuspecting site owners.

The plugin was discovered by the team at SiteLock, who released an in-depth blog post discussing the plugin and the havoc it can cause. They confirmed the plugin managed to slip past security scans by operating as a forgery of WordPress SEO Tools, which is a legitimate SEO plugin.

As always, we urge all users to ensure their site has robust security in place. Keep your plugins and themes updated, remove any suspicious plugins immediately and change your password if you’ve ever had this plugin installed.

No comments yet.

Leave a comment

Comment form

All fields marked (*) are required

Telephone

+44 (0) 20 7193 1411

Address

Portland House
Bressenden Place
London, SW1E 5RS, UK

Project Enquiry

Want to talk to us about a project?
Contact us here