Title: Hackable
Last modified: September 3, 2016

---

# Hackable

 *  [awestroke](https://wordpress.org/support/users/awestroke/)
 * (@awestroke)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/hackable-1/)
 * I’ve seen an automated hack targeting this plugin in my 404 logs.
    The wp-symposium/
   server/php/index.php file provides an entry point for automatic malware injection–
   the attacker uploads code to the directory and then runs it.
 * DO NOT USE THIS PLUGIN until this is is fixed!
 * This is from my 404 log:
 *     ```
       2015-09-02 12:08:28	/wp-content/plugins/wp-symposium/server/php/index.php	Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0		94.153.10.149
       2015-09-02 12:08:28	/wp-content/plugins/wp-symposium/server/php/zpqSimONuzMcgD.php	Mozilla/5.0 (Windows NT 6.3; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0		94.153.10.149
       ```
   

Viewing 1 replies (of 1 total)

 *  Plugin Author [Robert Dempsey](https://wordpress.org/support/users/robertd62/)
 * (@robertd62)
 * [10 years, 8 months ago](https://wordpress.org/support/topic/hackable-1/#post-8002955)
 * what is the version number you are running of WPS

Viewing 1 replies (of 1 total)

The topic ‘Hackable’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/wp-symposium_246fc2.svg)
 * [Author: WP Symposium](https://wordpress.org/plugins/wp-symposium/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-symposium/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-symposium/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-symposium/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-symposium/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-symposium/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Robert Dempsey](https://wordpress.org/support/users/robertd62/)
 * Last activity: [10 years, 8 months ago](https://wordpress.org/support/topic/hackable-1/#post-8002955)