Background: In version 1.4.2, unauthorized users could basically perform all actions on the WordPress website and, in particular, create their own user with admin rights.
WordPress -Check users
You should therefore also check the list of WordPress users on your website. The spammer has always registered here under the name t2trollherten with the mail address firstname.lastname@example.org registered.
One of the most effective hacks of recent times
Unfortunately, security vulnerabilities in Plugins can never be ruled out. However, the simplicity of the hack and the effectiveness this time were amazing. The Plugin has over 100,000 installations! That this happens at a data protectionPlugin of all places is of course ironic.
What can happen?
The user has admin rights. He can therefore make various changes on the site . However, our customers have shown that no immediate changes were made here. Also in scans, which were carried out with the security-Plugin Wordfence did not detect any critical cases.
This is how you should proceed
1. update the Plugin WP GDPR Compliance to the latest version 1.4.3. 2.
2. delete the wrong WordPress user (e.g. t2trollherten).
To delete a WordPress user, proceed as follows:
- Log on to your site
- Click on Users → All Users in the WordPress dashboard.
- To delete a user, select it via the selection box on the left and then choose the option "delete" in the action drop-down multiple actions at the top.
If you have a backup system you can also restore the backup from Monday (November 5). The likelihood of someone gaining access to your site before then is quite low, as the acute hacks only took place on Thursday (8 November). After that, however, be sure to update Plugin .
Alternate GDPR -Plugin: Now if you have any concerns with this GDPR-Plugin , we recommend WP GDPR Tools as an alternative.
How to prevent such a hack in the future
A proven way to prevent this type of hack is to use automatic Plugin updates. As a managed WordPress web hoster service, this is one of our core offerings to relieve our customers of as much work as possible and thus create more freedom for them.
In this specific case, the Fully Managed customers the Plugin update to the secure version 1.4.3 was carried out in the night of 8 November. These customers were therefore not affected by the hack.
If you want to use our Fully Managed plan for 20 Euro instead of 30 Euro (net) per month, please use the following link: Fully Managed Special. The discount will be automatically available when you activate your BOX after the trial period. RAIDBOXES customers can upgrade via chat to Fully Managed plan .