Plugin disabled

  • Resolved School Reading List

    (@schoolreadinglist)


    2 years, 9 months ago

    We’re seeing some very strange activity with version 3.2.5 of your plugin.

    Firstly, according to Hostgator, when upgrading to 3.2.5 it caused cpu processes to rise to 78% resulting in our account being limited.

    Then an automatated server mallware check flagged this folder “uploads/wpo”

    Then Wordfence flagged several files titled “test.php” created by your plugin.

    Then your plugin tried to send the following via SMTP:

    “`[DEBUG] : Setting up .htaccess file
    [DEBUG] : Should we use webp?
    [DEBUG] :
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Setting up .htaccess file
    [DEBUG] : Should we use webp?`”

    (Note the above was repeated 500 times. Our email security system kicked in to prevent the email from breaking cpu limits.)

    Clearly your plugin has been compromised. We’ve removed it from all our sites.

    Please let us know when it works again.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Plugin disabled’ is closed to new replies.