I need help to get rid of a WordPress exploit (?gf_page=upload)

  • Many visitors trying to access www*mywebsite*com/?gf_page=upload just after a fiverr guy started leading traffic to my site.

    I’ve made a search and found that this exploit is a vulnerability of the Gravity Forms plugin which i don’t use (i use Contact Forms), but i couldn’t do anything except Wordfence scan, also Virustotal scan was clean.

    Please suggest me what to do.

Viewing 5 replies - 1 through 5 (of 5 total)

  • Many visitors trying to access www*mywebsite*com/?gf_page=upload

    If you don’t use the vulnerable plugin, you don’t need to do anything. I see these in my logs all the time along with dozens of other attempts to find vulnerable plugins and themes.

    If you have a problem with one IP address in particular you can block it if you like, but it wont keep those attempts from showing up in your logs.

    Thread Starter MyWPun

    (@mywpun)

    They are from various IPs, i can’t block them all, after all Wordfence don’t save the full log.
    You can see a part of the log here:
    https://hpics.li/5024c8a

    I think that the guy i hired resells a traffic full of hackers, lesson learned the hard way.

    I’m more concerned about the bull**** fake virus audio alert/pop-under scam that showed up on page you just linked to.

    Good luck to you.

    Thread Starter MyWPun

    (@mywpun)

    Thank you anyway,
    I’m using AdBlock so nothing show up.

    I’m more concerned about the bull**** fake virus audio alert/pop-under scam that showed up on page you just linked to.

    So essentially we have a webmaster trying to scam site visitors (with a fake virus alter), who has now been scammed… One simple word – Karma!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘I need help to get rid of a WordPress exploit (?gf_page=upload)’ is closed to new replies.