The official WordPress plugin repository becomes the target of spammers

We have already told about it in previous programs of WordPress News in Spanish, the incidents with plugins from the official WordPress.Org repository seem to have become the target of spammers.

Plugins like 404 t0 301, Display Widgets, WP Slimstat, WP Maintenance Mode, Menu Image, NewStatPress, Financial Calculator, Weptile Image, No Comment, were involved in sales transactions with spammers, some were intercepted, others withdrawn and now a new case.

The popular Si Capcha Antispam plugin (a plugin we have talked about several times in WordPress News in Spanish) has been permanently removed from the WordPress.Org repository when it was detected that it included malicious spam code in one of its latest updates.

And it seems that spammers have found an “easy” way by buying popular and widely used plugins to inject malicious code into millions of pages made with WordPress.

WordPress.Org faces one of its most difficult crossroads to detect and intervene these practices. Developers have a task to raise awareness, but they come up against monetary offers, sometimes very succulent.

Continuing with WordPress Security, more vulnerabilities have been detected in versions lower than the current version 4.8.2, so millions of outdated WordPress are at risk of being compromised.

At Host-Fusion.Com we have our Patchman system of virtual patches that are automatically applied to protect our clients’ WordPress, notifies, patches and when the user updates their WordPress, the patch disappears.

Now more than ever it is very important to have all our WordPress installations up-to-date.

We will also tell you about the latest vulnerable plugins, this time the popular VaulPress, if you are a user of this plugin we recommend updating to its latest stable and secure version.

Did you update Yoast SEO and it disappeared from your WordPress? We tell you how to solve it.

This and much more, today, September 26, 2017, at 7:00 p.m. Spanish time, Antonio Postigo @hoystreaming and Pedro Santos @hostfusion, will tell you all the WordPress news in Spanish.

You can follow the program live in this article

WordPress News in Spanish, every Tuesday and Thursday, at 7:00 p.m. live, with Antonio Postigo @hoystreaming and Pedro Santos @hostfusion

All the videos from previous programs are available in the WordPress News section in Spanish and also in our Podcast.

An original idea of Host-Fusion.Com your provider hosting para WordPress trustworthy and HoyStreaming.comYour digital window to the world.

Change course with HostFusion from Pedro Santos