[Plugin: flickr-slideshow-wrapper] This plug-in can be hacked

Forgot. The hack results in download attempts of “Exploit javascript obfuscation 1494” whenever one went to a page where this plug-in was used:

https://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/

Did you even look at the source code? The plugin is not using anything you are mentioning here but standard function of flickr API.

“Did you even look at the source code? The plugin is not using anything you are mentioning here but standard function of flickr API.”

Take it up with websitedefender.com, not me. They’re the ones who called the plug-in out as a high security risk for wordpress.

Nope, I’m following up with you, as the plugin doesn’t contain any file /nav-h.php. It never had and it never will. I don’t know what you did when running the test, but it is not part of the plugin.

It’s possible that hackers, once they break into the site, could see this plug-in as a good opportunity to further their attack by modifying it. Why not take the information I’ve given you and contact websitedefender or some other security expert? It can only make your plug-in better

Are you an affiliate of them? Obviously … they don’t find any issues on my site, nor does google ban me for malware for over 10 years.

Can you please click on this topic being resolved.

This plugin does not contain a “nav-h.php” file. The “Website Defender” is mistaken.