If you use WordPress and require donations to sustain your blog or creative endeavor in some way shape or form, chances are that you use Total Donations to collect the funds necessary to fund your various projects. However, it has recently been revealed that people that are using Total Donations are vulnerable to cyber attacks that are caused by vulnerabilities within this plugin, so if you use Total Donations or have used it and have it installed on your browser, it is highly advised that you delete it before it ends up causing some serious harm.
One thing that should be noted is the fact that the cyber attacks on the various sites that use this plugin are basically caused by vulnerabilities in that plugin, flaws that could potentially make it very difficult for you to use it without exposing yourself to potential theft of data. After the year we all have had in 2018, I think it’s safe to say that no one wants to end up suffering any more than they already have with all of the data loss that occurred over the course of the previous year.
One thing that should be noted is the fact that the cyber attacks on the various sites that use this plugin are basically caused by vulnerabilities in that plugin, flaws that could potentially make it very difficult for you to use it without exposing yourself to potential theft of data. After the year we all have had in 2018, I think it’s safe to say that no one wants to end up suffering any more than they already have with all of the data loss that occurred over the course of the previous year.
Also Read: Credential Stuffing Attack Hits DailyMotionThe vulnerabilities exist within the code of the plugin and can be exploited by malicious actors and used to potentially obtain login details and the like. Your site is only as safe as your login details, so it is possible that people could potentially end up losing access to their sites entirely after the wrong people end up gaining access through the aforementioned plugin. Another thing that one should keep in mind is that the creator of the plugin, CodeCanyon, seems to no longer be active which means that they cannot be contacted and asked to fix the vulnerabilities in their code.