Plugin is dumping transaction data into public file subordinated to wp-admin/

  • Resolved fraughtithrouble

    (@fraughtithrouble)


    1 year, 11 months ago

    This plugin is now dumping transaction data complete with all personal information of the donor, to a public file accessible from wp-admin/X where X is a name of a file which should not exist according to Wordfence… this is a SERIOUS security issue

Viewing 1 replies (of 1 total)
  • Plugin Support Collin Sasse

    (@collinsasse)

    Our plugin should not be creating files on your website with donor information. All donor information is stored in your WordPress database. This is most likely a misconfigured webserver. Please open a support ticket with us and share FTP and admin login information so that our team can investigate.

Viewing 1 replies (of 1 total)
  • The topic ‘Plugin is dumping transaction data into public file subordinated to wp-admin/’ is closed to new replies.