Support » Plugin: Easy WP SMTP » 5 sites hacked with version 1.3.9.1

5 sites hacked with version 1.3.9.1

  • miguel valero

    (@miguel-valero-1)


    2 months ago

    Lo diré en español estoy muy ccabreado con los desarrolladores de este plugin, que cantidad de trabajo tengo por delante ahora mismo. 5 sitios hackeados

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Support mbrsolution

    (@mbrsolution)

    2 months ago

    Hi, first of all sorry for the inconvenience.

    In regards to your title. Are you saying that you got hacked running the latest version 1.3.9.1?

    miguel valero

    (@miguel-valero-1)

    2 months ago

    Yes I confirm, I’m so sure about it. Finally I fixed all five web sites, but I spent at least six hours because no restore backup avaliable… I have cleaned database manually and after that I did login and via wordfence I cleaned all filles… wp-options compromise and unknown admin users found so… I unistall this plugin and install another similar…

    Plugin Support mbrsolution

    (@mbrsolution)

    2 months ago

    Thank you for reporting back.

    I am glad to know that you managed to fix your issue. Once again I apologize about this issue.

    Kind regards

    tombarton

    (@tombarton)

    2 months ago

    Devs can you please confirm is there is a possibility that exploits are still possible with the latest “patched” version?

    Plugin Support mbrsolution

    (@mbrsolution)

    2 months ago

    Hi, as far as I know no. The latest version fixes this issue. Are you having issues with the latest version?

    Regards

    Plugin Contributor Alexander C.

    (@alexanderfoxc)

    2 months ago

    There could be malicious code put on your site BEFORE you updated to 1.3.9.1, so you’d keep getting hacked until you clean it. Please read here for more info https://wordpress.org/support/topic/vulnerability-in-plugin-version-1-3-9/

    tdcsforeveryone

    (@tdcsforeveryone)

    1 month, 1 week ago

    Wordfence just flagged a file as malicious in my 1.3.9.1 install. Details below:

    Filename: wp-content/plugins/easy-wp-smtp/59f1958a5ef3c_debug_log.txt
    File Type: Not a core, theme, or plugin file from wordpress.org.
    Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: eval($_POST[

    The issue type is: Suspicious:PHP/posteval
    Description: Suspicious code that will execute user input

    Plugin Support mbrsolution

    (@mbrsolution)

    1 month, 1 week ago

    @tdcsforeveryone, this report by Wordfence is a false positive report. The following file is created by the plugin when you enable the following option Enable Debug Log under Additional Settings.

    wp-content/plugins/easy-wp-smtp/59f1958a5ef3c_debug_log.txt

    There might be an option in Wordfence to exclude this file from being detected by the plugin as malicious.

    Let me know if you need more information or help.

    Kind regards

    • This reply was modified 1 month, 1 week ago by  mbrsolution.
Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this review.

Views