Hacking opprtunity

  • My wordpress site was hacked through this plugin.
    I have multiple backdoors inserted in gallery.
    Otherwise, plugin works as expected

Viewing 6 replies - 1 through 6 (of 6 total)

  • What concrete evidence do you have that this plugin was the vector for the hack? (And if you do have evidence, please don’t post details here).

    Thread Starter Vuk Stankovi?

    (@vuks89)

    I have scanned it with wp-scan tool and it told me that there is a security risk linked with plugin.
    After that I have downloaded everything connected with plugin to my computer and scanned it with antivirus. Result was 2 backdoor files inside gallery folders that I removed

    If this was whilst the plugin was on your site, then all it proves is that your site was hacked. It doesn’t prove that the plugin was the vector. Hackers can, and often do, change files all over the place – including plugin files – and will usually leave backdoors in unobtrusive places like uploads folder or plugin sub-folders.

    Based on what you have reported thus far, I would say that the plugin is innocent and that its files simply happened to be targeted by the hacker who had already gained access to your site.

    Plugin Contributor photocrati

    (@photocrati)

    @esmi – Thank you for your reply.

    @vuk Stankovi? – Any details you can provide to us from your scan, I can forward to our developers to look into. Please don’t post them here, please submit as a bug report here: https://www.nextgen-gallery.com/report-bug/ . Your bug report will go directly to our developers. If there is anything we can do to help tighten up the plugin, we’re always looking for ways to improve the plugin where possible. Regarding security measures for your site to help prevent hacks in the future, I’d suggest looking into these plugins:

    Bulletproof Security
    WordPress Firewall 2

    For more tips and suggestions, check out our article here on how to help secure your site: https://www.photocrati.com/help-prevent-wordpress-site-breaking-hacked/

    We don’t claim to be experts and can’t guarantee our suggested plugins will prevent all attacks and protect 100%. I personally have used them on my site and they do appear to work well in my experience. Hope this helps!

    Best,
    –Becky

    Thread Starter Vuk Stankovi?

    (@vuks89)

    I didn’t save wp-scan output, but I did save backdoor file I have found in gallery folder.
    I’m not sure if it is of any help.

    Plugin Contributor photocrati

    (@photocrati)

    @vuk Stankovi? – Sure, send us the information (not the bad file ?? ) as a bug report (here: https://www.nextgen-gallery.com/report-bug/ ) and we’ll take a look. Any information you can recall from the scan will help us investigate. Thanks!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Hacking opprtunity’ is closed to new replies.