Hack/exploit of this plugin: my experience and how I worked it out
-
Hello everyone.
As reported from other users here this plugin has been hacked/exploited.
Please read the post for further information.
I would like to share with you my experience and how I worked it out, because I truly believe that this could be helpful for others.
Basically, I, all of a sudden, find out that people visiting my website were redirected to other (malicous) websites. Furthermore, I couldn’t access my dashboard. I also tried to restore a previous back-up of my website and disabling all the plugins. Nothing worked.
After reading all the suggested solutions (and other cases) in the abovementioned post, I finally managed to have my website back to normality by:
- With the help of my hosting company, I found and deleted an .htaccess file created by the invader inside the folder of another plugin.
- As suggested by @theprometeus in the abovementioned post, I’ve:
- Changed my database password and (possibly) the username.
- Reset my WP salts and unique keys inside wp_config.php.
- Reset the siteurl and home inside wp_options table in the database. You can do this using these commands
UPDATE wp_options SET option_value = 'yoursiteurl' WHERE option_name = 'siteurl'; UPDATE wp_options SET option_value = 'yoursitehomepage' WHERE option_name = 'home';
After regaining access to the dashboard, I’ve immediately updated the ND Shortcodes plugin to the latest version which, according to the author, hopefully fix the vulnerability.
Everything is now working fine. Fingers crossed.
Hope this helps.
- The topic ‘Hack/exploit of this plugin: my experience and how I worked it out’ is closed to new replies.