rossanthony

Hi Carson,

Great plugin, appreciate your efforts in developing this! Concerning the errors mentioned above, I’m curious to know whether it is still under active development and whether you plan on releasing an update with these fixes included? I’ve applied both of the suggested patches above and the PHP notices are now gone. However I encountered another one, pertaining to the dashboard widget…

Notice: Undefined index: dashboard_gad in /wp-admin/includes/dashboard.php on line 130

Changing wp_register_sidebar_widget() to wp_add_dashboard_widget() in gad-admin-dashboard.php seems to resolve it…
https://gist.github.com/hypedev/5999188/revisions

Thanks,
Ross

What about plugins?

Good point, but they’re all widely used and I’m fairly certain they’re all from trust worthy sources…

• Advanced Custom Fields
• WPML Multilingual CMS
• W3 Total Cache
• Simple Page Ordering
• Custom Taxonomy Sort
• Google Analytics Dashboard

Do you have any installed that may have vulnerabilities/code that obtains access to the database but doesn’t sanitize properly?

This doesn’t seem to me like it was a database exploit, as all the content in the database survived unscathed luckily. It was just the files inside /wp-content/uploads/ which were completely wiped clean!

Thanks for your reply esmi,

Is this site on a shared server?

No, it’s on a VPS running ubuntu + apache.

The fact that the site was hacked does not automatically imply that WordPress was the vehicle used to crack the server.

Agreed, but if that was the case and someone gained access to the server via SSH/terminal for example, then they would have been able to do even more damage than just remove files from the upload folder. It seems to me like a php or shell script was uploaded via WordPress after they’d got in by brute force. As I said there were records of several curiously named files having been uploaded into the media library, see here. Any ideas how these could have got there?