WordPress.org

Ready to get started?Download WordPress

Forums

Add Linked Images To Gallery
A possible vulnerability? (2 posts)

  1. Jon W
    Member
    Posted 3 years ago #

    OK, this may not be connected and I really am clueless about coding, security etc.

    But a blog that I used this on was hacked the other day. I did a Google and found this site: http://www.bbqiguana.com/2011/05/iframe-insertion-php-exploit/ which talks about the exact same virus that I had on my site.

    My web host suggested that generally viruses get in through applications that allow uploads, which is why I Googled "Add Linked Images To Gallery" +exploit to see if any one else had reported a problem.

    This is a fantastic plugin, I found it extremely useful. But there is a possibility that it has an exploit that some hackers are using.

    If the problem is something else, I am really sorry for mentioning it. As I said, I am clueless about this stuff!

    http://wordpress.org/extend/plugins/add-linked-images-to-gallery-v01/

  2. Snaky Love
    Member
    Posted 2 years ago #

    An image you would like to upload to your server might not be an image - there are many ways that this plugin might pull in malicious stuff- from what I see there is no intense checking on what really is uploaded, so with some tweaking bad code might be smuggled on your server via this plug. Good suggestion to take a deeper look inside - but even better would be to know your sources - if you are using this plug to steal random images from the web it might be a kind of "Thank You" by other webmasters to not only send you good images... so only use it for sources you are absolutely sure you are allowed to republish on your site, that is the best method to avoid security problems.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic