Malware vulnerability with the latest version

  • Stay away from this plugin, it contains malicious code in the latest version. Before activating it I would wait for a new version from the developer.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Support

    (@nikelschubert)

    Hi, the newest version 2.10.1 should not have this vulnerability anymore.

    The problem is: even if you update to the newest version the malware stays injected in the database. So you have to check the plugin settings and save them over to remove the malware.

    I am really sorry for that. I have hired an external auditor now to check for additional vulnerabilities.

    Regards

    Thread Starter zird0t

    (@zird0t)

    Hi, the malicious code comes out when updating to the latest version. Tested on two websites.

    I have now restored a backup of version 2.10, then deleted the plugin. How can I find the code injected into the database?

    Thread Starter zird0t

    (@zird0t)

    Can you tell me exactly where the code is placed in the database? How can I go about cleaning my website completely?

    Plugin Author Support

    (@nikelschubert)

    Hi the plugin stores the values in the options table of wordpress.

    If you do a

    SELECT * FROM options where option_name like “%nsc_bar%” ORDER BY option_name ASC;

    You should be able to find all the settings fields of the plugin to check them for the malware.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Malware vulnerability with the latest version’ is closed to new replies.