Hacked my site

  • I’ve never had an issue like this before.
    After having this plugin to my site for a month, today I opened my frontpage to see that SFL plugin has added an index.html page that demonstrates the logo and features of Simple File List to every user that opened the page. Even non logged users.

    The content of the page is

    Simple File List
    Put a List of Files on Your Website

    Simple File List is a basic WordPress file list with optional front-side uploader. The WordPress plugin provides an easy-to-integrate basic user interface allowing visitors, clients, customers, or associates to see a listing of your files (separate from the media library) and optionally upload files if you choose.

    and I want to make a notice to everyone that has it installed.
    Check your site!

Viewing 1 replies (of 1 total)
  • Plugin Author Mitchell Bennis

    (@eemitch)

    Hi Johnny,

    I apologize for your troubles. This wasn’t a hack, but a bad update. A very few instances had a problem where the routine that checks to see if your file list directory is protected from direct indexing mistakenly placed the index.html file (which does tat job) in your WordPress home folder. Deleting this file is all that’s needed to fix the issue.

    This update issues was quickly fixed and the problem version, 4.2.1, was only available for about 24 hours starting last Monday the 13th.

    This would be a good time to remind folks to always check their site after updating plugins, themes or even WordPress itself. Never update and then go upon your merry way. Check each time.

Viewing 1 replies (of 1 total)
  • The topic ‘Hacked my site’ is closed to new replies.

Tags