Important Security Update
YellowPencil plugin gets hack attack, and we fixed the vulnerability with a new update. (7.2.1 version) Please be sure you are using the latest version. We’re here, and we’ll help you until fixed all the infected websites. Please keep following our Facebook Community. We’re so sorry about it.
You must update the plugin quickly to the latest version to ensure the security of your website, The 7.2.1 release is the safe version, and all older versions are currently at risk.
Updating To The latest version
There an update button will appear on your WordPress panel, Click on “update” button. If you don’t see a button there, you must update the plugin manually.
Please follow these steps to update the plugin manually:
- Deactivate and delete the old version from WordPress Panel. (CSS changes will stay safe in your database, no worry.)
- Download YellowPencil Latest version. Free Pro
- In the WordPress dashboard, Click Plugins > Add New.
- Click Upload Plugin, and choose the file you’ve downloaded for YellowPencil.
My website gets an attack, how can I fix it?
This security issue was about the visitor view tool. There are some WordPress websites affected by this hack attack. If your website hacked, you can fix it:
Restore the WordPress database to a backup. Backup is the safest and the easiest way. Please contact your hosting provider; they will help you to restore the backup.
Delete Old Version And Install new version:
- Access your website with FTP, go to wp-content/plugins and delete YellowPencil folder (CSS changes will stay safe in your database, no worry.)
- If you still cannot access and you are using a cache plugin; delete the cache plugin folders in wp-content/plugins
- Go WordPress Panel and install the latest version by following steps at the top of the page.
Fix the database:
- Log into your WordPress database with phpMyAdmin through your hosting control panel.
- Navigate to the table wordpress_options table
- Edit the first two rows “siteurl” and “home” back to your domain. e.g: https://website.com
- Click on your database name in the left panel of phpMyAdmin and then click the Search button along the top bar and search all of your tables for the name of the malicious domain that your website was redirecting to with ‘ ‘ either side e.g. %baddomain to find any remaining records.
- WordPress Panel > Users > Your Profile and click Log out Everywhere Else.
- Check your browser and device, be sure your device is clean and no malware there.
- Clean Cache and be sure everything is okay in your website.
If you don’t know how to make it, please reference the current article to the hosting provider and ask help to them to fix this problem. Also, we will like to help you to fix this problem if you create a private support ticket in our support forum. Also, check this article for more information.
10 April evening was a hack attack to some WordPress plugins, including YellowPencil plugin. This hack attack was just to the database, No files infected. Only the “siteurl” and “home” rows in wp_option table changed to another URL. We understand this important, and we try our best to handle it. We will handle it together.
Scan Your Website
Update the plugin to the latest version, clear cache, and scan your website.
Application Based Scanners (Plugins):
Remote Based Scanners (Crawlers):