This plugin is infected with an EXPLOIT

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    @pinkish1 Very specifically, why exactly do you say that?

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    *Drinks more coffee*

    That’s not any evidence that this plugin is responsible. It just means your site was hacked.

    Please remain calm and carefully follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Thread Starter pinkish1

    (@pinkish1)

    Here’s what happened: on a freshly installed WordPress I added this plugin. Then I noticed the user_login had changed from “ravadmin” to “indoxploit”.

    View post on imgur.com

    No other plugins had been installed.

    There are a number of ways that a website can be hacked other than through a plugin, so just having a plugin installed on a website that then gets hacked doesn’t indicate that it had anything to do with the hack.

    We took a look over the plugin and didn’t find anything in it that looks like it could have allowed what happened to your website to occur, so it is unlikely that the source of the hack was the plugin.

    If the plugin was the source then there should be some evidence of that in the log files for the website.

    If you find some evidence of an actual connection between the plugin and the hack then you should provide that to the Plugin Directory so that they can work to resolve the issue.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘This plugin is infected with an EXPLOIT’ is closed to new replies.