WordPress & Joomla Blacklisted plugins

Following plugins & themes are associated with highly critical security issues or consuming high system resources and may not work correctly on our shared Hosts because they are partially blocked.

Backdoor Found in Themes and Plugins from AccessPress Themes!
Due to the way the extensions were compromised, we suspected an external attacker had breached the website of AccessPress Themes in an attempt to use their extensions to infect further sites.
Details:
https://jetpack.com/2022/01/18/backdoor-found-in-themes-and-plugins-from-accesspress-themes/

Please update or remove (un-install completely) the extensions mentioned in the details from link above.
If there are no updates for this third party extensions, please uninstall them completely.
The use of security-critical components is not permitted.

Please update the complete WordPress installation including all plugins afterwards!

WordPress Security Reports
https://ithemes.com/blog/category/wordpress-security/

WPvivid Backup Plugin
this plugin is not allowed on the shared hosts because it causes high system overload and system crashes.

The Plus Addons for Elementor
https://www.wordfence.com/blog/2021/03/critical-0-day-in-the-plus-addons-for-elementor-allows-site-takeover/

contact-form-7-style
https://www.heise.de/news/WordPress-Schwachstelle-in-Plugin-Contact-Form-7-Style-dauerhaft-ungefixt-5048898.html?wt_mc=nl.red.security.security-nl.2021-02-11.link.link

WordPress Plugin Popup Builder
https://www.webarxsecurity.com/multiple-vulnerabilities-wordpress-plugin-popup-builder/

Ultimate Member Plugin – Critical Privilege Escalation Vulnerabilities Affect 100K Sites
https://www.wordfence.com/blog/2020/11/critical-privilege-escalation-vulnerabilities-affect-100k-sites-using-ultimate-member-plugin/

Elegant Themes, Divi and Extra, as well as Divi Builder, WordPress plugin – Critical Vulnerability
https://www.wordfence.com/blog/2020/08/critical-vulnerability-exposes-over-700000-sites-using-divi-extra-and-divi-builder/

WordPress Bridge Theme
https://www.getastra.com/blog/911/plugin-exploit/wp-theme-bridge-vulnerability/

Duplicator Plugin & Duplicator Pro- High Severity Vulnerability (forbidden)
https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/

Contact Form 7 Datepicker – High Severity Vulnerability (forbidden)
https://www.wordfence.com/blog/2020/04/high-severity-vulnerability-leads-to-closure-of-plugin-with-over-100000-installations/

– WordPress File Manager > banned (please delete /remove)
– wp-db-backup
– wpDiscuz
– Duplicator Plugin
– BackWPup
– trx_addons
– contact-form-7-datepicker
– formcraft
– wp-symposium
– wp-symposium-alerts
– modern-events-calendar
– profile-builder
– themegrill-demo-importer
– wd-google-maps
– async-javascript
– profile-builder
– wp-mod_dvfoldercontent
– wordpress-database-reset
– broken-link-checker
– firestats
– fuzzy-seo-booster
– ozh-who-sees-ads
– portable-phpmyadmin
– snapshot-backup
– visitor-stats-widget
– wp-mailinglist
– wp-power-stats
– wp-time-machine
– yet-another-featured-posts-plugin
– import-eventbrite-events
– ultimatemember
– fckeditor
– backup-to-dropbox-monitor
– com_fabrik
– pagebuilder
– uniform
– wpbenchmark
– disk-usage-sunburst
– heartbeat-control
– nextend-facebook-connect
– query-monitor
– wp-server-stats
– adminer
– adsense-click-fraud-monitoring
– automatic-wordpress-backup

These applications (plugins) list can be expanded continuously when security-critical apps or plugins vulnerabilities are published.