Mysterious Install

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter Simps

    (@simplesi)

    hmmm this is actually malware and not your version sorry.
    The plugin directory is called ‘wp-db-backup-made’ And the contents do not match yours. The ‘Readme’ is similar but different.
    When you click more details it brings you here to your plugin page.

    Good job I have not activated it.

    Time to contact the host and find out how they are doing this…

    I just discovered something similar. Did you find anything?

    This is happening to one of our websites as well. Can you list the theme and plugins that you are using?

    I’ve also see the “wp-db-backup-made” plugin on an hacked WP site I am cleaning up right now.

    Seems like a backdoor, if you try to access system.php in a browser you’re asked for a password. If I google “wp-db-backup-made” I see a lot of other sites that probably has this backdoor active…

    Yes it is. It could be a vulnerable plugin or theme. In my case it was the older version of the “Attachments” plugin that’s bundled with a theme we use. I updated it manually and now the problem no longer occurs. Make sure that your plugins/themes are up to date.

    There’s definitely some WordPress malware using the name of this plugin.

    Same here.. not sure which plugin is compromised on my site..

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Mysterious Install’ is closed to new replies.