WordPress.org

Ready to get started?Download WordPress

Forums

NextGEN Gallery
Are these database entries in wp_posts normal NextGen behavior? (4 posts)

  1. semidivine
    Member
    Posted 6 months ago #

    I'm nervous because I've been hacked recently...

    A security plugin I have says someone from a different IP than mine deleted several posts with post IDs that I didn't create. I see no evidence of this in my WP admin so I went into phpMyAdmin to see what I could find. What I found was none of the deleted post IDs but posts in the same post ID vicinity (i.e.. higher numbers than the last post I ever created) and they appear to be coming from NextGen, but I don't understand their purpose. I want to find out if they are legit.

    See the screen shot of my phpmyadmin:
    http://tinyurl.com/njjn5mr

    PS. I haven't added anything to my NextGen galleries in over a year.

    Thanks for your time.

    https://wordpress.org/plugins/nextgen-gallery/

  2. photocrati
    Member
    Plugin Author

    Posted 6 months ago #

    @semidivine - If you are not using the most current version of NextGEN Gallery, please update. Afterward, please clear the image cache under Gallery > Other Options > Miscellaneous.

    If you are using any sort of caching plugin or service also ensure those caches are completely cleared as well.

    Although I do not see any specific issue with the entries you are showing clearing all of those caches will at least ensure there is minimal amount of unneeded entries as is.

    - Cais.

  3. semidivine
    Member
    Posted 6 months ago #

    @photocrati...
    I am using the most recent version of NextGen (Version 2.0.66.17)
    I just did the cache clearing you suggested.
    Then I checked the database and there is a new "post" created by NextGen from today:
    http://tinyurl.com/nh4yfug
    All the other db entries are also still there. I don't understand what these are for and what is creating them. Can I just delete them?
    Thanks again.

  4. photocrati
    Member
    Plugin Author

    Posted 6 months ago #

    @semidivine - I cannot say for certain if it is safe to delete or leave those there as I do not know how those entries are actually being created although they do resemble similar entries in my test site's database.

    You noted you were recently hacked, are you certain you site was properly cleaned and there is no remaining issues from that attack on your server/site?

    - Cais.

Reply

You must log in to post.

About this Plugin

About this Topic