countermind91

@gourl Updating the plugin to 1.5.4 version does not resolve the backdoor problem of keys being changed remotely.

The keys on our website got remotely changed again a few hours ago, even with latest 1.5.4 version

Your suggestion of changing the write permissions on gourl.hash file is also not resolving the cause of the backdoor problem itself. Any kind of backdoor should be treated extremely serious, especially when it comes to plugins that are used to process payments. I would expect at least an explanation on what caused the backdoor and what is being done on fixing it.

• This reply was modified 4 years, 6 months ago by countermind91.
• This reply was modified 4 years, 6 months ago by countermind91.

@bingobobby

We were using a 1.5.3 version at the moment the keys got replaced, updated it to latest 1.5.4 version today.

I checked /wp-content/upload/gourl/images folder and there is no php file inside. I also went through all the images and checked for php code inside, there is no php code inside any of the images for the current 1.5.4 version.

Still waiting for a response from developers.

Hello,

We received two emails yesterday evening with the same content about keys being changed.

After checking the keys in plugin settings, i discovered that keys were actually changed so its not only a fake message that is sent but keys are being actually changed remotely.

I have checked all the logs for possible breach to our wordpress backend, however there was no suspicious activity of any kind as all administrator logins were checked and clean.

This seems to be a major security concern considering that this plugin is used to proccess payments.

I request from the development team to come back with an explanation how is it possible for the keys to be replaced remotely and if their development team is the one behind changing the keys.

• This reply was modified 4 years, 6 months ago by countermind91.

But how can i then translate the body text to other language?