Ein Captcha-Plugin mit eingebauter Hintertür ist auf three hundred.000 WordPress-Seiten aktiv. Mittlerweile ist eine bereinigte Version erschienen. Das Vertrauen in den Entwickler bröckelt weiter.

Das WordPress-Plugin Captcha hatte eine Backdoor eingebaut, über die Betrüger auf WordPress-Seiten zugreifen können. Davor warnen Sicherheitsforscher von WordFence. Die Version 4.4.5 von Captcha soll die Hintertür nicht mehr enthalten.

Captcha kommt auf three hundred.000 WordPress-Seiten aktiv zum Einsatz. Nutzer sollten sicherstellen, dass sie die aktuelle Ausgabe installiert haben – den Sicherheitsforschern zufolge ist die Backdoor seit der Version 4.Three.7 mit an Bord. Nun darf der Entwickler das Plugin nur noch mit vom WordPress-Team abgesegneten Updates aktualisieren. Die verseuchte Version wurde automatisch an Nutzer ausgespielt. Betrachtet guy den Entwickler Simplywordpress näher, schrumpft das Vertrauen weiter und es liegt nahe, das Plugin dauerhaft zu entfernen.

Mysteriöse Vorkommnisse
Simplywordpress wechselte im September den Besitzer – Namen wurden dabei nicht bekannt gegeben. Wer wirklich dahinter steckt, ist bis heute unklar. WordFence ist jedoch während den Recherchen eigenen Angaben zufolge immer wieder auf den Namen einer Person gestoßen, die in der Vergangenheit WordPress-Plugins aufgekauft hat, um mit diesen Backlinks auf Nutzer-Webseiten zu platzieren.

Read More Articles :

So hat er den Page Rank von seinen geschäftlichen Webseiten gepusht, damit diese bei einer Internetsuche besser gefunden werden. Das soll auch Sinn und Zweck der Backdoor in Captcha sein.

Simplywordpress hat it Covert me Popup, Death To Comments, Human Captcha, Smart Recaptcha, Social Exchange notch weitere mit einer Hintertür ausgestattete Plugins im Angebot. Diese sind aber nicht in der offiziellen Plugin-Quelle von WordPress verfügbar. Man konnte sie auf der Webseite der Entwickler herunterladen – dies ist der Zeit offline. (des)

While growing net programs with WordPress, developers connect the application to 1/3-birthday party programs and services via precise utility programming interfaces (APIs). They further use a spread of APIs to decorate the WordPress utility’s functionality and user revel in. WordPress REST API permits programmers to attach their application to other software program and services in a less difficult and more efficient manner. The developers can use the plug-in to make their WordPress application connect to other websites and services with the aid of overcoming differences in information forma and lower back-end programming languages.

Understanding Important Aspects of WordPress REST API

JSON Data Format

They can use the plug-in to make the WordPress software speak with 0.33-birthday party software and services by sending and receiving JavaScript Object Notation (JSON) items. JSON is a modern-day and human-readable statistics layout. Also, JSON has encoders and decoders for most broadly used programming languages. Hence, the WordPress application and third-birthday celebration software program can alternate facts in a together intelligible layout. The developers can, in addition, join their WordPress application seamlessly to an expansion of software and services via writing simple JavaScript code.

REST Methodology

WordPress has designed the plug-in as an ordinary connector by using Representational State Transfer (REST) method. In addition to having an easy records layout, REST also lets in builders to apply usually used HTTP methods like a POST, GET, DELETE and PUT. At the same time, the technique can facilitate the exchange of records in each XML and JSON format. The REST methodology simplifies the verbal exchange among programs. It similarly makes the WordPress application alternate data with other websites and services in both XML and JSON format.

Compatibility with Other Web Programming Languages

While developing websites with WordPress, programmers ought to write code in PHP. At present, PHP is the most famous server-side programming language. But it lacks many advanced functions provided by using contemporary programming languages like Ruby, Java, and C#. Hence, many builders these days opt for writing web applications in modern-day programming languages. The WordPress REST API will make it less difficult for programmers to attach WordPress packages to different websites and offerings irrespective of their server-side programming language. The seamless connection will, in addition, assist programmers to get rid of commonplace compatibility problems.

When you need to strike a stability between a number of-of things like high-quality, capability and fee, you robotically select the golden mean that would give you a little bit of the whole lot! A device like WordPress gives corporations with just the right mix of features, capability and the very last high-quality. With wealthy constructed in functions and numerous plug-ins to decorate the capability, WordPress is modern maximum desired CMS for speedy improvement and deployment of websites for both large and small businesses.

Here’s what makes WordPress the most preferred preference for internet site development nowadays:

Quick and easy installation

WordPress is simple to start with. The set up is simple and more importantly quick. All you want to do is input a few simple facts and you are desirable to go! You can both do a full set up or a custom designed one.

Website issues

WordPress comes with some constructed in themes, you could at once use these subject matters to quickly create your website. Well, if you want to, you can additionally customize these subject matters and make them greater suitable for your commercial enterprise. Website themes are to be had immediately from WordPress or are provided by way of the third celebration. You can easily tailor them to apply your business branding colors and your strategies.

Chances are that you have already heard of WordPress. But what is WordPress? Simply put, WordPress is web software program that you could use to create your very own internet site or blog. Since it becomes launched in 2003, WordPress has emerged as one of the maximum famous web publishing systems, and today it powers more than 70 million websites. Because it’s far built on enterprise popular Hypertext Preprocessor and MySQL, the WordPress web hosting platform can run on pretty much any present day server.

But what many people do not recognize, WordPress isn’t always only a running a blog tool. It is also a rather bendy content management gadget CMS which offers you the possibility to construct and control your very own complete functions internet site the use of only your web browser. Best of all, it’s miles absolutely unfastened. It is constantly enhancing and evolving. That’s because WordPress is an open-supply task because of this that loads of volunteers from everywhere in the international are continuously growing and enhancing the code for WordPress software. And there are hundreds of plug-in, widgets, and subject matters that enable you to construct a completely custom website for just about anything that you could imagine.