WordPress.org

Ready to get started?Download WordPress

Forums

WP-DBManager
How does malware get into the backups? (5 posts)

5 stars
  1. ShamaKern
    Member
    Posted 1 year ago #

    I have used this plugin for a long time. Recently I installed the Wordfence Security plugin also. However the scans indicate that there are several malicious urls in the database backups of WP DBmanager. I definitely did not put them on my site, and they only show up in the db backups. So I suspect that those malicious files somehow find their way into the db backups via some vulnerability. If I ever had to reinstall the database, I imagine I would have some nasty links on my site. Does anyone have any experience with this issue?

  2. ShamaKern
    Member
    Posted 1 year ago #

    Specifically what seems to be happening according to Wordfence Security is that the WP DBmanager file is changed to an earlier version. The original version is tested up to WP 3.5.1, but then it seems that the file was modified so that now the version which is only compatible up to WP 3.1.1 shows up. At least this is what shows in the code. I hope the developer can shed some light on this. I am using the latest version of WP DBmanager by the way.

  3. mbrsolution
    Member
    Posted 1 year ago #

    Hello ShamaKern is that warning shown on the text file or a php file?

    The folder that contains the database backup is protected via the .htaccess file. If you are concern of a potential injection then you could download the database locally and if you ever needed to update the database then simply upload it again to the same folder and update your database.

    I hope this helps with your questions.

    Kind regards

  4. dudleyrose
    Member
    Posted 1 year ago #

    Did you ever get an answer about this? Tonight my WordFence scan reported the same thing. It indicated a link to a dangerous site, Schlegel Photography.

  5. mbrsolution
    Member
    Posted 1 year ago #

    Hi @dudleyrose is the dangerous link inside the plugin's database? Or is inside the plugin's php code?

    No one out the more than 836,000 downloads have reported this issue. I suspect a comment linking back to a website. Remember the plugin only backups your database. If there is a dangerous link somewhere in a comment then the backup will register the dangerous link when using a security plugin like WordFence.

    I hope this helps you.

    Kind regards

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.