HACKED – Plugin abused by malicious third parties
This plugin or one running under the same name was abused by a malicious third party, causing an account infection and the uploading of numerous other files. The origin of the tell-a-friend plugin was through the WordPress Dashboard plugin installer in this case, leading me to believe it was intentionally installed by the account owner and later abused by a malicious third party.
Please review the plugin’s code to ensure it does not permit file injection or malicious file uploads to the hosting account.
- The topic ‘HACKED – Plugin abused by malicious third parties’ is closed to new replies.