WordPress.org

Ready to get started?Download WordPress

Forums

TDO Mini Forms
Think a malicious file may have been uploaded via TDO Mini Forms (2 posts)

  1. PinkishHue
    Member
    Posted 2 years ago #

    I just noticed a message in Google Webmaster Tools telling me one of my sites had a 'phishing' warning. The malicious files were saved in the directory that TDO Mini Form users use to add images to their posts.

    A file called server.exe had been uploaded to that directory, and within that directory the tmp directory contained folders as follows (which I have now deleted):

    wp-content/uploads/listingimages/tmp/4/windowslive/confirmation/

    I only had image file types included in the allowed files list so I don't know how a .exe file was uploaded.

    Just read the plugin author's post about this issue (http://thedeadone.net/blog/where-has-tdo-mini-forms-plugin-gone/) so it seems it is a known problem, but I thought posting this here might be of some use anyway.

    I have deleted the folders and hopefully the problem is now solved, but I hope there might be an update to the plugin some time because I like TDO Mini Forms a lot! :)

    http://wordpress.org/extend/plugins/tdo-mini-forms/

  2. Kiefer
    Member
    Posted 1 year ago #

    This plugin is not more on wordpress i guess

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic