Support » Plugin: Simple 301 Redirects - Addon - Bulk Uploader » DO NOT USE!! SPAM INJECTED INTO SITES

  • Just had this plugin used to hack my site and send it to JackieLovesDogs, then onto a spammy site. Avoid at all costs and delete this (and the 301 redirect plugin) ASAP!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Temyk

    (@webtemyk)

    Hello.

    A vulnerability was discovered in our simple 301 Redirects – Addon – Bulk Uploader plugin. We fixed the security issues almost immediately, but hackers took advantage of the fact that the plugin is not updated automatically.
    Update the plugin.

    Please accept our apologies.

    Why did the hack only appear on the one site where I had updated the plugin to the latest version then? Older sites where I haven’t updated are still running fine….

    Plugin Support Temyk

    (@webtemyk)

    The vulnerability was fixed in the latest version 1.2.5, but the redirects created by the hacker remained on your site. Go to the 301 Redirects management page (Settings/301 Redirects) and remove unnecessary redirects.

    Same here, the changelog should be updated to reference this issue as I suspected this plugin but didn’t see it referenced in the changelog. Only came across this by googling “jackielovesdogs”.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this review.