Security issue – Linux.BackDoor.WordPressExploit

  • Resolved glecourtois

    (@glecourtois)


    2 years, 2 months ago

    HI,

    Recent, vulnerability found in WordPress and WP-Piwik is one of the plugins witch could be Hack and let non-autorised user to inject code. Do you planned to make an security Update ?

    Thanks

    Germain LECOURTOIS, CTO@SLOOP

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • I’d also like to know if the current version is impacted by this vulnerability.

    For now, uninstalled the plugin on 3 websites.

    Seems that some similar hack was reported 5 years ago in github?https://github.com/braekling/WP-Matomo/issues/66

    Plugin Author braekling

    (@braekling)

    Until now, it did not receive any further information about this issue, so I’m not able to validate it.

    But: If I get the Dr.Web article right, it is pointing to outdated versions of WP-Matomo:

    If sites use outdated versions of such add-ons, lacking crucial fixes, the targeted webpages are injected with malicious JavaScripts.

    Dr.Web, Linux backdoor malware infects WordPress-based websites

    With the latest release (1.0.27) WP-Matomo already contains a security fix, currently I expect that this one already solved the issue. If I get any other information and there is still a vulnerability in the latest version, I will provide a fix asap, of course.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Security issue – Linux.BackDoor.WordPressExploit’ is closed to new replies.