• Update : no Trojans injected as indicated below . It was from theme developer. Works good.

    The plugin works just fine, but noticed its ingesting a Java script Trojan upon exporting your website. Beware of using this plugin. See the attached image and this js was never part of the website, but upon exporting it, prime mover is injecting Trojans.

    Injected assets=>js=>plugins=>jquery.syotimer.min.js into my themes addon plugin.

    • This topic was modified 1 year, 1 month ago by mohan2see.
    • This topic was modified 1 year, 1 month ago by mohan2see.
Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Codexonics

    (@codexonics)

    Hi, thanks for taking the time to review. We’ve checked the latest and previous releases of Prime Mover and we don’t use this file syotimer.min.js.

    You can check this by doing a grep searching the plugin for this file and file name matches:

    find . -exec grep -l -s "syotimer" {} \;
    find . -exec grep -l -s "syotimer.min.js" {} \;
    find . -name "*syotimer*" ! -name "*:*" -print
    find . -name "*syotimer.min.js*" ! -name "*:*" -print

    Prime Mover during export simply adds the original file to WPRIME archive and that’s it. If the WPRIME archive is altered (e.g. someone will tamper it) after it was being exported – the archive will automatically get corrupted and it cannot be restored for security reasons.

    It’s possible that your theme addon plugin already has this file before export and uses it. Can you please share the name of this theme add on file? Or it could be that some third party code (e.g. your theme) or other active plugins in your site uses contains this JS File.

    We’ve searched this JS File by googling – it looks like this syotimer.min.js is part of an open source library for which you can check it’s code here:

    https://github.com/mrfratello/SyoTimer

    This code has a Github repo and it looks this is a jQuery timer plugin and nothing malicious on it. Most likely your theme or your theme add on plugin uses this JS library as part of their normal processes.

    Please re-check and reconsider removing this one star review if my point is valid. If you think I’ve miss something – please share us a copy of the following (in the source site before the export is made)

    • A copy of your theme adds on plugin before the export (original)
    • A copy of your theme (parent theme and child theme – if using child theme)
    • A full copy of your active plugins including the Prime Mover version that you are using.

    Please zip all of these and send us a link to download these files to our development team in this form.

    We will help you analyze your plugins to see where this is coming from. Thank you again!

    Thread Starter mohan2see

    (@mohan2see)

    I want to share my findings in image but this website doesn’t allow me to do that. Also I checked with the theme developer and they don’t recognize it either. As far as I can see, I don’t have this file in the original theme files, only added during website export. Also I don’t believe it’s not malicious since my antivirus is alerting me this file specifically and I don’t recognize this file at all.

    name of the Addon is nest-addon from nest theme.

    • This reply was modified 1 year, 1 month ago by mohan2see.
    Thread Starter mohan2see

    (@mohan2see)

    One additional thing I did was that, after restoring this backup I manually deleted the aforementioned .js file and clicked export again. Was expecting the backup not to have this .js file, but that was not the case

    Plugin Author Codexonics

    (@codexonics)

    Thank you for the details. We would like to reproduce this issue in our end to see if it was possible – can you please provide us the following?

    • Re-generate a test export.
    • After export is made, please share the resulting WPRIME archive to us. You can upload this to Google Drive.
    • Go to Prime Mover -> Advanced -> Advanced Settings Panel -> Debugging Tools -> Download log and click “Download log file“. This will download the complete migration log of the export.
    • Go to Prime Mover -> Advanced -> Advanced Settings Panel -> Upload/Download Parameters -> Export site info and click “Export site info“. This will download your site info details including your Prime Mover settings data. This is your site information log.

    Please send us all the logs/details and screenshots including link to download the WPRIME package to developer contact page. Please don’t post in this forum since these are sensitive information.

    Nest theme/add on seems to premium themes so providing us the WPRIME package would help us reproduce this issue. We will debug your package and understand how this file was being added during export process.

    Thread Starter mohan2see

    (@mohan2see)

    My apologies. I updated my review, it looks like this file is coming from theme developer. I just downloaded the latest theme and addon version, and they contain this file.

    Plugin Author Codexonics

    (@codexonics)

    Thank you for updating the review to 5 stars ! It was nice to know that this file was indeed from your theme/add on version. Cheers 🙂

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Nice plugin’ is closed to new replies.