• Resolved seyntjim

    (@seyntjim)


    Hello Eli,

    I have tried your plugin to check if my site is clean. The scanner found 1 known threat while scanning my site. It’s the newstatpress plugin and here’s the code.

    <iframe width=0 height=0 src=http://newstatpress.altervista.org/register.php?site=".$site."&ver=".$_NEWSTATPRESS['version']."></iframe>

    I just want to be sure if this plugin is a threat or not. Thank you!

    https://wordpress.org/plugins/gotmls/

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    One of the most common types of malicious injections uses a hidden iframe. Hackers use iframes to execute code hosted on another site that might redirect your visitors or cause popups. This iframe looks like it was put there by the plugin developer to track how many people are installing and using their plugin. This iframe does not seem as malicious or invasive except for the fact that they are collecting data about you without your express consent. Also, there is always a risk when you execute code on a remote site within your admin that it could change at a later date and you have no control over what this remote code will do. For example, if their site got hacked then the hacker would have access to run malicious code in the admin of every user who activates this plugin.

    You obviously have a choice about how seriously you want to take this threat. You can decide what action to take in this case. If you use my plugin to automatically fix this threat then the iframe will be removed from this plugin, but the plugin will still work without it; it just won’t report your activation and deactivation back to the developer’s site.

  • The topic ‘Newstatspress’ is closed to new replies.
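
A detection example for the pattern discussed in this thread, added here and not code from the gotmls plugin or from either poster: it flags iframes in PHP source that are invisible (0 or 1 pixel, or hidden by CSS) and load from a host other than the site's own. The function names, the `myblog.example` host and the sample file are assumptions constructed for illustration; only the first iframe in the sample is the one quoted in the question.

```python
import re
from urllib.parse import urlsplit

IFRAME_RE = re.compile(r"<iframe\b([^>]*)>", re.IGNORECASE)
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)""")
HIDDEN_STYLE_RE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

# Constructed sample file (hypothetical hosts except the iframe from the thread).
SAMPLE_PHP = r'''<?php
// Constructed sample; line 3 embeds the iframe quoted in the thread.
echo "<iframe width=0 height=0 src=http://newstatpress.altervista.org/register.php?site=".$site."&ver=".$_NEWSTATPRESS['version']."></iframe>";
echo '<iframe width="560" height="315" src="https://video.example.org/embed/1"></iframe>';
echo "<iframe style=\"display: none\" src=\"//stats.example.net/ping\"></iframe>";
echo '<iframe width="0" height="0" src="/wp-admin/admin-ajax.php?action=keepalive"></iframe>';
'''


def _attrs(tag_body):
    # Strip quotes and backslashes so width=0, width="0" and width=\"0\" compare equal.
    return {k.lower(): v.strip("\\\"'") for k, v in ATTR_RE.findall(tag_body)}


def _tiny(value):
    # True for a 0 or 1 pixel dimension, with or without a "px" suffix.
    m = re.fullmatch(r"(\d+)(?:px)?", value.strip().lower())
    return m is not None and int(m.group(1)) <= 1


def find_hidden_remote_iframes(source, site_host):
    """Return (line, host) for each invisible iframe whose src is on another host."""
    hits = []
    for m in IFRAME_RE.finditer(source):
        attrs = _attrs(m.group(1))
        hidden = (
            (_tiny(attrs.get("width", "")) and _tiny(attrs.get("height", "")))
            or HIDDEN_STYLE_RE.search(m.group(1)) is not None
        )
        try:
            host = urlsplit(attrs.get("src", "")).hostname  # None for relative URLs
        except ValueError:
            host = None
        if hidden and host and host != site_host.lower():
            hits.append((source.count("\n", 0, m.start()) + 1, host))
    return hits


if __name__ == "__main__":
    print(find_hidden_remote_iframes(SAMPLE_PHP, "myblog.example"))
```

A hit only says that an invisible frame loads remote content; whether it is developer telemetry or an injection still has to be judged by looking at the host and the surrounding code.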