WordPress.org

Ready to get started?Download WordPress

Forums

Sociable
[resolved] Image Causing Malware Detected Flags (18 posts)

  1. Mat Lipe
    Member
    Posted 2 years ago #

    I noticed that today when going to the "Select Sociable Options" Screen /wp-admin/options-general.php?page=sociable_select, Chrome turns the screen red and with the "Warning: Something's Not Right Here" screen.

    It states the the site contains content from "commitse.ru" which is known to distribute malware.

    I have narrow down the issue to an image which's source is "http://balon24.com.ar/wp-content/plugins/sociable/images/Fueto_Sociable.png". This image does in fact direct to the "commitse.ru" website.

    Please remove this image from the plugin so It may be used without hacking it or a BIG RED MALWARE SCREEN

    http://wordpress.org/extend/plugins/sociable/

  2. Mat Lipe
    Member
    Posted 2 years ago #

    Upon more investigation This image's link does in fact redirect you to a link which downloads Malware.

    It can be found on line 145 in the /includes/class-sociable_Admin_Options.php file.

  3. flavious
    Member
    Posted 2 years ago #

    Just found the exact same issue. I deleted the sociable plugin as a precaution.

  4. Karen Lewis
    Member
    Posted 2 years ago #

    Ditto. Was just installing on a client's blog and FF alerted me to the Malware issue. Deleted immediately.

  5. nothin7
    Member
    Posted 2 years ago #

    Please let us know when this is fixed!

  6. jpavacic
    Member
    Posted 2 years ago #

    Interesting, I don't have the sociable plugin but am getting the red screen anyway. Any suggestions?

  7. Mat Lipe
    Member
    Posted 2 years ago #

    Where are you setting it?

  8. Mat Lipe
    Member
    Posted 2 years ago #

    Sorry seeing not setting. My photon is touchy

  9. Allan Hunkin
    Member
    Posted 2 years ago #

    removing line 145 worked but for some reason CuteFTP downloaded the file into my user/data,temp file. I might have double clicked on the file when I saved it in the editor which is a part of CuteFTP but it doesn't make sense that it downloaded it to that directory.

    Now in Settings, the Sociable menu item has been turned to white, it still goes to the right page but I don't know how to turn the word back to the right color. I deactivated the plugin (in the single site that I am working on which is a site within my network (3.4.1)

    Where do I fix that please?

  10. Mat Lipe
    Member
    Posted 2 years ago #

    The file was designed to automatically download mailware to your computer. If a file has been downloaded you should delete the file immediately and scan for and remove any trace of Malware that may have come along with it.

    As far as the white options screen, you may have a broken tag. I would try to delete the entire <div> that this image lives in.

    Unless the developer of this plugin fixes this issue quite soon, I will be deleting it from all of my sites and moving on to another solution.

  11. QuietNoise
    Member
    Posted 2 years ago #

    Same here. It is very suspicious.
    You folks should try other solutions as this one is dangerous for your visitors.
    There might be some other trap in it and you don't know when it is gonna trigger.

  12. bbenz62
    Member
    Posted 2 years ago #

    Same thing here. Deleted the plugin ...

  13. luizbueno
    Member
    Posted 2 years ago #

    Well... since I donĀ“t have the tech skill that you folks have, I deleted the plugin until further notice.
    thank you all.

  14. ferne97
    Member
    Posted 2 years ago #

    I just deleted lines 123 - 156 in the /includes/class-sociable_Admin_Options.php to get rid of the whole fueto block.

  15. The Plugin Team has alerted sociable. If there's no reply soon, we'll close the plugin or forcibly fix it for them.

    And this, kids, is why we snark at any plugin that has external images. *sigh*

  16. Samuel Wood (Otto)
    Tech Ninja
    Posted 1 year ago #

    I have forcibly updated the plugin to remove the advertising code that was causing the malware warning.

    The new version has been bumped to 4.3.3. It will be available in the repository shortly, and an upgrade notification will be sent to all blogs running the plugin.

    Sociable has been informed of this forced-update to their plugin via email.

  17. techgeekandmore
    Member
    Posted 1 year ago #

    Sorry folks 4.3.3 now breaks the entire WP blog. When you update to 4.3.3 any text on any blog page disappears....

    So its now broken in a different way.

    Ive disabled plug in on my pages....

  18. Samuel Wood (Otto)
    Tech Ninja
    Posted 1 year ago #

    It looks like some of the files were missing in 4.3.3 for some reason. No idea why, since they were in my copy.

    I've readded those files to 4.3.3. Re-download the ZIP and do the upgrade again.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.