If anyone reading this blog has wp-phpmyadmin installed on their site you should remove it immediately.
For the past 2 months we’ve been seeing more and more websites with this plugin being infected.
There is usually a file added: upgrade.php that is not part of the legitimate files and has various malicious code inside.
This plugin is no longer on the WordPress plugin repository as it has not been updated since 2007.
While a plugin like this might seem more convenient for database work than using your hosting provider’s control panel, it’s also more convenient for hackers.
We did a Google search on this and found that the majority of websites with this plugin, also don’t have any prevention for viewing the directory this is installed in.
This means that a hacker can click on “Parent Directory” and see all the plugins installed. While this isn’t a huge vulnerability, it’s so easy to prevent with a either a .htaccess file or an empty index.html file.
The less information a hacker knows about your website the better off you are.
What about you? Do you have this installed on your website? Are there other plugins you worry about? Leave a comment here and we’ll investigate it.
Need your website cleaned, protected and monitored? Send us an email: firstname.lastname@example.org