WordPress.org

Ready to get started?Download WordPress

Forums

WP Widget Cache
Widget Cache vulnerability? (2 posts)

  1. vich11
    Member
    Posted 1 year ago #

    Yesterday I happened to check the /wp-content/widget-cache directory and I found HUNDREDS of subdirectories for sites I had never heard of and many of which looked very sketchy (porn sites, etc.). I deleted all the directories and let the plugin recreate my local site sub-directory, and this morning I'm already seeing more unfamiliar directories in there:

    199.19.78.238/
    1f2a5db3d9b3a7df3345a4d43503bd4c/
    3bce3dd074f899d0e919ac4e9dfc1856/
    47330dff55c0c55ba8b1c2e222ce2158/
    63e21ec33b54094d2325990a8b3e6c05/
    999487ad80449975e0b0975c8e17032a/
    bestallgoods.com/
    d4f2a0259bbc380dc61e7130a25b00f6/
    pop.sc****t.com/
    sc****t.com/
    sc****t.com./
    sc****t.com:80/
    http://www.lcg.org/

    The ones that start with "sc" are my site. I've obfuscated the directory name for security reasons.

    Why, and how, are other directories for other sites being created in the widget-cache directory? This is VERY disconcerting.

    http://wordpress.org/extend/plugins/wp-widget-cache/

  2. astrasuite
    Member
    Posted 1 year ago #

    Same here .... wonder how they got in ...

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic