WP No External Links 4.2.1-4.2.2 - Backdoored



Description
Even though one of the WP dev removed the malicious code and released version 4.3 (https://plugins.trac.wordpress.org/browser/wp-noexternallinks?rev=1791413), the plugin is still closed for new installs.

Affects Plugin

fixed in version 4.3
- plugin closed

References

URL https://www.wordfence.com/blog/2017/12/plugin-backdoor-supply-chain/

Classification

Type BACKDOOR
CWE CWE-912

Miscellaneous

Submitter erwanlr
Submitter Website https://wpscan.org
Submitter Twitter erwan_lr
Views 6501
Verified Yes
WPVDB ID 8986

Timeline

Publicly Published 2017-12-28 (over 2 years ago)
Added 2017-12-28 (over 2 years ago)
Last Updated 2019-11-01 (8 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin