Support » Plugin: Export any WordPress data to XML/CSV » Got a trojan with this plugin.

  • I downloaded this plugin and it did what it was supposed to do but it also gave me trojan that infected my site as well as another 10 or so sites on the same hosting account. It also redirected my site to a malicious site.

    I deleted this plugin as well as a couple of others I thought might be the cause of the virus that I had downloaded at the same time and cleaned up the mess and got it off all of my sites.

    The sites remained clean for about a week and a half, and then after second guessing what had infected the sites, I tried downloading the plugin again. Immediately after download, I ran a scan with WordFence and found the virus was back.

    Don’t download. You will get a virus if you do.

Viewing 1 replies (of 1 total)
  • Plugin Contributor WP All Import

    (@wpallimport)

    It is very unlikely that WP All Export was the reason your site was hacked. There are 50,000 active installs for the free version, and thousands of others using the Pro version, and nobody else has reported being hacked.

    When plugins have the kind of vulnerabilities you describe, attacks are launched in bulk across thousands of sites. Or sometimes plugins like WordFence will throw false alarms on legitimate code, but I was unable to reproduce this in my tests just now.

    In any case, we would like to see the specific error/trojan/virus that you are getting so that we can be sure that WP All Export is not the source of the problems you are encountering.

    Please submit a support request to http://www.wpallimport.com/support/

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this review.