• My server crashed today because the disk was full, and when I went to check it out I noticed THOUSANDS of rejected messages in the mail queue, and was able to trace all of them to the email sharing module. Someone was able to send a ton of emails by posting to

    https://mysite/product/product-name/?share=email&nb=1

    I have turned off your plugin for now, but do you have any way to protect against this?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter Stephen S

    (@ssuess)

    hello?

    I can confirm that this is legit and the plugin has a vulnerability. It sends mass email with links using Baidu.

    From: xn--www-u28dx6ll0obinuzl7m7d46q1wo.bet12303.com <wordpress@(name removed)>
    To: [email protected]
    Reply-To: xn--www-u28dx6ll0obinuzl7m7d46q1wo.bet12303.com <[email protected]>
    Date: 2017-05-10 11:09:07
    Subject: [Shared Post] (name removed)
    Delivery-URI: smtp:tls:oauth2://smtp.gmail.com:587
    送你20园菜金,一元可村歀
    首存百分百,高额返水
    地址:https://t.cn/RXrqbla
    xn--www-u28dx6ll0obinuzl7m7d46q1wo.bet12303.com ([email protected]) thinks you may be interested in the following post:

    (name removed)

    • This reply was modified 7 years, 6 months ago by Samara.

    Not sure why my initial reply disappeared – I just want to confirm that this is legit and the plugin appears to have a vulnerability where it exploits the sharing function to mass email using Baidu when sharing is enabled.

    Moderator Kathryn Presner

    (@zoonini)

    @spadilla Your first reply was caught in the forum’s spam filter.

    Could you please email [email protected] to report this vulnerability.

    Moderator Kathryn Presner

    (@zoonini)

    I’m closing this thread to minimize the danger for everyone and have also contacted the plugin team directly.

  • The topic ‘email share module hacked.’ is closed to new replies.
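
For site operators checking whether their own server saw the same pattern, here is an added example (not part of the thread and not the plugin's code) that scans a web access log for bursts of POST requests carrying `share=email`, the request shape reported in the first post. It assumes Combined Log Format; the client IPs, the sample lines and the per-minute threshold are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - - [time] "METHOD target HTTP/x" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def is_share_email_post(method, target):
    """True for a POST whose query string carries share=email."""
    if method != "POST":
        return False
    query = parse_qs(urlsplit(target).query)
    return "email" in query.get("share", [])

def flag_share_abuse(lines, threshold=5):
    """Return {(ip, minute): count} for buckets at or above threshold.

    threshold is a hypothetical starting point; tune it to normal traffic.
    """
    buckets = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_share_email_post(m["method"], m["target"]):
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        buckets[(m["ip"], ts.strftime("%Y-%m-%d %H:%M"))] += 1
    return {key: n for key, n in buckets.items() if n >= threshold}

# Constructed sample log: documentation-range IPs, path taken from the first post.
SAMPLE_LOG = (
    [f'203.0.113.7 - - [10/May/2017:11:09:{s:02d} +0000] '
     f'"POST /product/product-name/?share=email&nb=1 HTTP/1.1" 200 512 "-" "-"'
     for s in range(0, 40, 5)]
    + [
        '198.51.100.4 - - [10/May/2017:11:09:12 +0000] "POST /product/product-name/?share=email&nb=1 HTTP/1.1" 200 512 "-" "-"',
        '198.51.100.4 - - [10/May/2017:11:09:30 +0000] "GET /product/product-name/?share=email HTTP/1.1" 200 9000 "-" "-"',
        '203.0.113.7 - - [10/May/2017:11:09:50 +0000] "POST /wp-login.php HTTP/1.1" 200 300 "-" "-"',
    ]
)

if __name__ == "__main__":
    for (ip, minute), n in sorted(flag_share_abuse(SAMPLE_LOG).items()):
        print(f"{minute}  {ip}  {n} share=email POSTs")
```

A single legitimate share produces one such POST, so a client that fills a one-minute bucket is the signal to rate-limit or block while the sharing feature stays disabled.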