Plugin HACKED

Hello @ pzmarketing,

Please follow the instructions below:

1) Make sure you have updated the plugin to the latest version 3.64.1.
2) Inside the popup settings from ‘Custom JS or CSS’ https://prnt.sc/rgcdqa please remove all unknown codes and save the popup.

Please let us know about your progress and sorry for any inconvenience.

Seems to be a very recurring issue with this plugin. SQL Injection vulnerability after SQL Injection vulnerability time and time again.

https://wpvulndb.com/vulnerabilities/9495
https://wpvulndb.com/vulnerabilities/10073

I’m going to recommend that this plugin gets removed from WordPress’s repos.

Hi @kevp75,

We are terribly sorry for the caused inconvenience.
After the last update (3.65) which was implemented due to the security reasons, the custom JS scripts were deleted.
This was intentional update which we had to do in order to keep the websites of our customers safe and secure.
Please try to add them again and let us know in case of any questions.
Our team is apologizing and we hoping that our customers can be understanding due to the circumstances.

While I can appreciate the apology, and I do understand that things like this do happen, unfortunately I cannot recommend the plugin to my clients, in addition to replacing it. It’s just been too many times the same issue has occurred, and I deal with hospital and medical websites. Simply put, I cannot risk it, nor can I recommend it.

Hey @kevp75,

This is surely your opinion and choice.
Again, we are deeply sorry for the caused inconvenience.
I hope you can understand us in this situation and you too know that cases like this can happen with any kind of digital software. However, this doesn’t mean that we are not sorry and we didn’t do our best to resolve it in a couple of hours. Once we noticed the vulnerability, we had fixed very quickly.

Have a great day and stay healthy.