WordPress.org

Ready to get started?Download WordPress

Forums

Theme Test Drive
Malware Warning! (8 posts)

  1. Felix
    Member
    Posted 1 year ago #

    Since today when going to the Theme Drive options page I get a malware warning in google chrome saying it contains content from "xxxindianxxx.com" which is "known for distributing malware"

    http://wordpress.org/extend/plugins/theme-test-drive/

  2. esmi
    Forum Moderator
    Posted 1 year ago #

    That url is not in a fresh download of the plugin, so I can only assume that it is your site that has been hacked. You need to start working your way through these resources:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://ottopress.com/2009/hacked-wordpress-backdoors/

    Anything less will probably result in the hacker walking straight back into your site again.

    Additional Resources:
    Hardening WordPress
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

  3. Felix
    Member
    Posted 1 year ago #

    Naw, I'm not hacked. The plugin settings page contains an iframe at the authors website (latest version after re-install)

    http://prelovac.com/plugin/news.php?id=5&utm_source=plugin&utm_medium=plugin&utm_campaign=Theme%252BTest%252BDrive

    Is the origin of the malware warning. Try this url in Chrome. It's straight from the plugin.

    The author should maybe take a look at that.

  4. mmeida
    Member
    Posted 1 year ago #

    The same message for me. I've just installed the plugin few minutes ago an get the Google warning screen when I wanted go to the options page: "xxxindianxxx".

    Regards.

  5. esmi
    Forum Moderator
    Posted 1 year ago #

    There is an issue on the plugin author's site - not in the plugin.

  6. Felix
    Member
    Posted 1 year ago #

    Well the authors site is called in the plugin, thus affecting any admin who opens the plugins settings page. That's why I brought it to attention.

    Thank you

  7. esmi
    Forum Moderator
    Posted 1 year ago #

    Reported to plugins [at] wordpress.org

  8. Vladimir Prelovac
    Member
    Plugin Author

    Posted 1 year ago #

    The issue was fixed, thanks for letting me know

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.