Title: Custom Content Type Manager Author: fireproofsocks Published: 27. November 2010 Last modified: 5. März 2016 --- Plugins suchen ![](https://s.w.org/plugins/geopattern-icon/custom-content-type-manager_c9c790.svg) # custom-content-type-manager * [Details](https://de.wordpress.org/plugins/custom-content-type-manager/#description) * [Rezensionen](https://de.wordpress.org/plugins/custom-content-type-manager/#reviews) * [Entwicklung](https://de.wordpress.org/plugins/custom-content-type-manager/#developers) [Support](https://wordpress.org/support/plugin/custom-content-type-manager/) ## Beschreibung Dieses Plugin wurde am 7. März 2019 stillgelegt und ist nicht mehr zum Download verfügbar. Diese Stilllegung ist dauerhaft. Grund: Autorenanfrage. ## Rezensionen ![](https://secure.gravatar.com/avatar/90cd76e77720ded124555c90cb081bf424e1ee4d0d698c87a6682dd21430c419? s=60&d=retro&r=g) ### 󠀁[They are correct…Don't get it, or anything by this author](https://wordpress.org/support/topic/they-are-correctdont-get-it-or-anything-by-this-author/)󠁿 [donnaWPadmin](https://profiles.wordpress.org/donnawpadmin/) 3. September 2016 And even if it gets fixed, I recommend staying away from anything this author writes in the way of code…malicious once, malicious definitely will be again…no doubt. You can’t change a person’s character or integrity…it requires people to stand for something even when it’s again self best-interest…and if someone does something like this once, more than the incident itself, it is a revelation of that person’s character, so the chances are that very great that they will do it again, maybe not today, this week, or even this year…but they will. It’s what they value in the world…taking advantage of people. Proving they are smarter…vanity, greed, power;… or whatever the reason they have corrupt values, that’s in fact what they have. And if he comes up with an excuse, …you don’t write malicious code and get it accepted by WordPress on ‚accident‘ . The article: [ link redacted, please do not post links in reviews ] (if the link doesn’t get removed) ![](https://secure.gravatar.com/avatar/327da942e9592e59753230ebbfaba1becc14e08c65b5b383e5c3de4d78168be4? s=60&d=retro&r=g) ### 󠀁[Malicious Plugin](https://wordpress.org/support/topic/malicious-plugin-1/)󠁿 [davidbcoleman](https://profiles.wordpress.org/davidbcoleman/) 3. September 2016 The fine people at Wordfence have warned that a backdoor was added to the Custom Content Type Manager plugin by a malicious coder who gained access to the plugin code in the official WordPress plugin repository. According to Wordfence, It’s unclear whether the plugin author’s credentials were stolen or whether the malicious actor was granted access. The WordPress security team removed the malicious user account that added the backdoor to the plugin. They have also removed all malicious code that was added to the plugin and updated the version number so that users running this plugin will be prompted to upgrade. ![](https://secure.gravatar.com/avatar/576707ce4162eee1f2099133cc049cb832e5786bc6cff03e2454bf14fc71c5b3? s=60&d=retro&r=g) ### 󠀁[WARNING Do not use this plugin!](https://wordpress.org/support/topic/warning-do-not-use-this-plugin-2/)󠁿 [Nic Beltramelli](https://profiles.wordpress.org/nicolabeltramelli/) 3. September 2016 It comes with a Backdoor through which can log and steals site admin credentials. It should be removed from the official WordPress Plugin Directory. Read here Sucuri’s investigation report. ![](https://secure.gravatar.com/avatar/d8cd11cf5736c0329e9993c2329cb50c2befeffc6930de506a37719288330053? s=60&d=retro&r=g) ### 󠀁[Lost confidence of author/plugin](https://wordpress.org/support/topic/lost-confidence-of-authorplugin/)󠁿 [Stockholm](https://profiles.wordpress.org/hasse2016/) 3. September 2016 First I read about a backdoor in the plugin. https://blog.sucuri.net/2016/03/when- wordpress-plugin-goes-bad.html Then I read the authors profile: Samuel Wood (Otto) Interests: WordPress, Beer, Hacking, Homebrewing You like homebrewed beer and hacking? A dangerous combo 🙂 ![](https://secure.gravatar.com/avatar/94c03a0d2582fdb6fdfaf70ea03ba6aaf2fbf937ec0fd0de6925661e309b5237? s=60&d=retro&r=g) ### 󠀁[Security Risk](https://wordpress.org/support/topic/security-risk-9/)󠁿 [armahi](https://profiles.wordpress.org/armahi/) 3. September 2016 http://betanews.com/2016/03/05/wordpress-plug-password-backdoor/ ![](https://secure.gravatar.com/avatar/529a640b0a3e3801381194a09536e47c76e7275b45305d95c098cf76ed96b8c2? s=60&d=retro&r=g) ### 󠀁[SECURITY THREAT](https://wordpress.org/support/topic/security-threat-1/)󠁿 [jacraven](https://profiles.wordpress.org/jacraven/) 3. September 2016 1 Antwort AVOID AT ALL COSTS http://news.softpedia.com/news/popular-wordpress-plugin-comes- with-a-backdoor-steals-site-admin-credentials-501383.shtml „Custom Content Type Manager version 0.9.8.8 contains malicious code As Sucuri’s investigation revealed, in the past two weeks, the plugin that looked like an abandoned project for the last 10 months, mysteriously changed owner, and immediately after, the new developer, named wooranker, updated the plugin and pushed out a new version. All the changes he made to the plugin were of a nefarious nature. First, there was the addition of the auto-update.php file, which included the ability to download files from a remote server on the infected website. Additionally, wooranker also added the CCTM_Communicator. php file, which worked together with another, older, legitimate plugin file. The purpose of these two files was to ping wooranker’s server about the presence of a newly infected site. Besides gathering info on the victim’s site, this plugin also tapped into the WordPress login process and recorded usernames and the password, albeit in encrypted format, sending the data to the wordpresscore.com server.“ [ Alle 49 Rezensionen lesen ](https://wordpress.org/support/plugin/custom-content-type-manager/reviews/) ## Mitwirkende und Entwickler „Custom Content Type Manager“ ist Open-Source-Software. Folgende Menschen haben an diesem Plugin mitgewirkt: Mitwirkende * [ fireproofsocks ](https://profiles.wordpress.org/fireproofsocks/) [Übersetze „Custom Content Type Manager“ in deine Sprache.](https://translate.wordpress.org/projects/wp-plugins/custom-content-type-manager) ### Interessiert an der Entwicklung? [Durchstöbere den Code](https://plugins.trac.wordpress.org/browser/custom-content-type-manager/), sieh dir das [SVN-Repository](https://plugins.svn.wordpress.org/custom-content-type-manager/) an oder abonniere das [Entwicklungsprotokoll](https://plugins.trac.wordpress.org/log/custom-content-type-manager/) per [RSS](https://plugins.trac.wordpress.org/log/custom-content-type-manager/?limit=100&mode=stop_on_copy&format=rss). ## Meta * Version **0.9.8.9** * Zuletzt aktualisiert **vor 9 Jahren** * Aktive Installationen **k. A.** * WordPress-Version ** 3.3.0 oder höher ** * Getestet bis **4.2.39** * Sprache * [English (US)](https://wordpress.org/plugins/custom-content-type-manager/) * [Erweiterte Ansicht](https://de.wordpress.org/plugins/custom-content-type-manager/advanced/)