Title: Yak Plugin Exploit. Yuk!!! Last modified: August 19, 2016 --- # Yak Plugin Exploit. Yuk!!! * [netpup007](https://wordpress.org/support/users/netpup007/) * (@netpup007) * [17 years, 9 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/) * Sorry for setting up another wordpress.org account – I keep forgetting my passwords. * Now I’m trying Yak and somebody gained access to my administration account. What the hell is wrong with WordPress plugins!!! * [http://wordpress.org/extend/plugins/yak-for-wordpress/](http://wordpress.org/extend/plugins/yak-for-wordpress/) Viewing 7 replies - 1 through 7 (of 7 total) * [@mercime](https://wordpress.org/support/users/mercime/) * (@mercime) * [17 years, 9 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848086) * Curious. How do you know that the exploit was caused by the plugin? * Thread Starter [netpup007](https://wordpress.org/support/users/netpup007/) * (@netpup007) * [17 years, 9 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848120) * Because it is the only plugin I have installed!!!!! * [Lester Chan](https://wordpress.org/support/users/gamerz/) * (@gamerz) * [17 years, 9 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848132) * what what version of WP are you using? * [anmari](https://wordpress.org/support/users/anmari/) * (@anmari) * [17 years, 9 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848400) * I’ve had friends sites hacked and it appears to have been a brute force attempt at guessing the login (admin for sure, then what next…..) * There are a number of ways of preventing this – change admin via DB to something else, use login/lockdown etc. i have listed a bunch of ideas on my site. * [nolongeractive](https://wordpress.org/support/users/jrbriggs/) * (@jrbriggs) * [17 years, 8 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848426) * Interesting that rather than contacting the author of the plugin, you post a message here first. Also interesting, is that in a good couple of years of people using YAK, no one has posted **anything** about any exploits like this. Nor have they contacted me directly about it. * [anassirk](https://wordpress.org/support/users/anassirk/) * (@anassirk) * [17 years, 8 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848441) * I’m using YAK in many of my sites. It’s a very great plugin (easy to understand and use). * There **maybe** an exploit, but I don’t think you can say that it’s caused by the plugin just with the * > Because it is the only plugin I have installed!!!!! * . * [atQuest](https://wordpress.org/support/users/atquest/) * (@atquest) * [17 years, 2 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848515) * I’m not about to drop my consideration for this plugin because some *bleep that“ keeps forgetting his passwords” got his admin account “hacked”. Assumptions do more bad than good. No proof it was thru this plugin means maybe you dropped one of your “Don’t forget the password of my big new ecommerce site is “password”..” yellow sticky note! Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘Yak Plugin Exploit. Yuk!!!’ is closed to new replies. * 7 replies * 7 participants * Last reply from: [atQuest](https://wordpress.org/support/users/atquest/) * Last activity: [17 years, 2 months ago](https://wordpress.org/support/topic/yak-plugin-exploit-yuk/#post-848515) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics