Pretty Link Hacked?

  • Resolved eiwebdesign

    (@eiwebdesign)


    5 years, 5 months ago

    Had to have a shellscan of hosting on which several sites on which i use the plugin (one of my favorites) now show that Pretty Link files are all carrying a malicious payload.
    I also read on:
    https://firstsiteguide.com/tools/free-fsg/hacked-dangerous-vulnerable-wordpress-plugins/
    that there were versions (2.0.0./2.1.2) of Pretty Link that were hacked and wondering now if perhaps I’ve could been carrying over this issue for a while on sites despite keeping plugin updated?
    Trying to ascertain if there is a fix — OR if I will ultimately have to delete all links and the plugin — and if I make a brand new installation, and recreate my links if at all possible… will it then be safe and free from issues or will it resurrect the hack?
    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author cartpauj

    (@cartpauj)

    Hackers will often hide scripts in theme or plugin folders. It doesn’t necessarily mean they were able to attack through that plugin or theme.

    If you are on older versions of Pretty Links though, I would certainly recommend deleting them completely and re-installing the latest 3.x version.

    We did a major security audit and refactor prior to releasing Pretty Links 3.0.

    Deleting the plugin and re-installing it will not cause you to lose any links or data as it is stored in the database.

    Thread Starter eiwebdesign

    (@eiwebdesign)

    Thanks for that. It’s good to know I won’t lose the links — and the plugin has proven its value time and again.
    Kind regards.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Pretty Link Hacked?’ is closed to new replies.