WordPress plugin flaw in Yuzo being exploited


Users of the popular Yuzo Related Posts WordPress plugin are being told to uninstall it after a flaw was found being exploited in the wild. The plugin is installed on more than 60,000 websites and adds a related-posts section to WordPress pages. The recently disclosed flaw is a stored cross-site scripting (XSS) vulnerability that can be used to deface websites, redirect visitors to malicious sites, or take over WordPress administrator accounts, and it is under active attack. The attacks appear to be linked to the same attacker or group that targeted the Social Warfare and Easy WP SMTP vulnerabilities.

The plugin was removed from the WordPress plugin directory on March 30, the day a security researcher publicly disclosed the vulnerability. The Yuzo Related Posts support team recommends that users uninstall the plugin immediately until an update becomes available. The flaw stems from a missing authentication check in the code that stores the plugin's settings in the database: an unauthenticated attacker can send a request that writes arbitrary content into those settings. Because the plugin later inserts the stored settings into its HTML templates, JavaScript injected this way is served to, and executed by, the browser of every visitor to the compromised site. That persistence in the database is what makes the XSS stored rather than reflected.
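Because the payload lands in the plugin's settings rather than in a page, uninstalling the plugin does not tell you whether a site was already hit; the settings row is still in the database. The following triage helper is an added example, not code from the article or from the Yuzo plugin: it takes exported wp_options rows and flags values that carry script-like content, including values hidden behind HTML-entity or URL encoding and values stored inside PHP-serialized settings arrays. The option names and rows are constructed sample data (an assumption), not real Yuzo settings.

```python
"""Triage helper: find script injected into WordPress plugin settings.

Added example, not code from the article or from the Yuzo plugin. It models
the attack path the article describes: an unauthenticated request writes
attacker-controlled text into a plugin's settings (a row in wp_options),
and the plugin later echoes that text into page HTML. Export wp_options
(for example with `SELECT option_name, option_value FROM wp_options`) and
run the rows through find_injected_options() to see whether a payload is
already stored. The option names and rows below are constructed sample
data (assumption), not real Yuzo settings.
"""
import html
import re
import urllib.parse

# Patterns an attacker needs in order to execute script or redirect visitors
# once the stored value is inserted into an HTML template unescaped.
INDICATORS = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "event_handler": re.compile(r"\bon(?:error|load|click|mouseover)\s*=", re.I),
    "javascript_uri": re.compile(r"javascript\s*:", re.I),
    "redirect": re.compile(r"(?:window|document)\.location|location\.(?:href|replace)", re.I),
    "obfuscation": re.compile(r"\beval\s*\(|\batob\s*\(|String\.fromCharCode|unescape\s*\(", re.I),
}


def decode_layers(value: str, max_rounds: int = 3) -> str:
    """Undo HTML-entity and URL encoding used to hide payloads from a naive
    grep. Repeats a few rounds because payloads are sometimes encoded twice."""
    current = value
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote(html.unescape(current))
        if decoded == current:
            break
        current = decoded
    return current


def find_injected_options(rows):
    """rows: iterable of (option_name, option_value) pairs as exported from
    wp_options. Returns a list of (option_name, [indicator names]) for rows
    that contain script-like content. PHP-serialized values (a:2:{...}) are
    searched as plain text, which is enough here because the payload is a
    string field inside the serialized array."""
    findings = []
    for name, value in rows:
        text = decode_layers(value)
        hits = [label for label, pat in INDICATORS.items() if pat.search(text)]
        if hits:
            findings.append((name, hits))
    return findings


# Constructed sample export (assumption): one clean row, one row carrying a
# plain <script> injection, one row with an HTML-entity-encoded redirect, and
# one serialized settings array whose CSS field hides an obfuscated loader.
SAMPLE_ROWS = [
    ("blogname", "Example Site"),
    ("example_related_posts_css", "<script src='https://evil.invalid/js.js'></script>"),
    ("example_widget_html",
     "&lt;img src=x onerror=&quot;window.location='https://evil.invalid'&quot;&gt;"),
    ("example_settings",
     'a:2:{s:5:"color";s:4:"#fff";s:3:"css";s:40:"</style><script>eval(atob("..."))</script>";}'),
]

if __name__ == "__main__":
    for name, hits in find_injected_options(SAMPLE_ROWS):
        print(f"{name}: {', '.join(hits)}")
```

A hit on a row does not by itself prove compromise (some themes legitimately store small scripts in options), but any script, event handler or redirect in a plugin's own settings that the site owner did not put there is a strong indicator, and the row's `option_name` points at the plugin that rendered it.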

Researchers linked the recent attacks to a separate WordPress plugin exploit in March. That plugin, Social Warfare, was also affected by a stored cross-site scripting vulnerability that was being exploited in the wild. That incident followed the disclosure and patching of a vulnerability in another WordPress plugin, Easy WP SMTP, which was likewise under active attack and being used to gain administrative control of affected sites.

Third-party plugins continue to be the soft spot in WordPress security. According to a January Imperva report, almost 98 percent of WordPress vulnerabilities are in plugins that extend the functionality and features of a website or blog. The plugin directory is much like the Google Play store, where the vetting of apps is a major weakness. A lack of notifications from plugin developers is another problem. WordPress users are advised either to update the platform and their plugins automatically, or to pay close attention to the plugins they use and how they behave, and to watch for newly disclosed vulnerabilities.