WordPress.org

Ready to get started?Download WordPress

Forums

Tell a Friend
HACKED - Plugin abused by malicious third parties (1 post)

  1. jacripe
    Member
    Posted 8 months ago #

    This plugin or one running under the same name was abused by a malicious third party, causing an account infection and the uploading of numerous other files. The origin of the tell-a-friend plugin was through the WordPress Dashboard plugin installer in this case, leading me to believe it was intentionally installed by the account owner and later abused by a malicious third party.

    Please review the plugin's code to ensure it does not permit file injection or malicious file uploads to the hosting account.

    http://wordpress.org/plugins/tell-a-friend/

Reply

You must log in to post.

About this Plugin

About this Topic