PHP Shell Script Infection with this plugin | WordPress.org

Resolved chronotrigga
(@chronotrigga)

9 years, 10 months ago

Hi,

My web server was recently under attack — somehow the user was able to get access to my wordpress website and upload a php shell script which edited all my .htaccess files to redirect to an ad website on mobile devices only.

I spoke with my hosting provider who told me that the hacker was able to get access through my one website with the only outdated plugin I had: UA mailchimp-for-wp 3.1.10

I realize that the plugin was last updated today, but has there been a case of this happening with other users? What security measures can be put in place with this plugin?

https://wordpress.org/plugins/mailchimp-for-wp/

Viewing 1 replies (of 1 total)

Plugin Contributor Harish Chouhan
(@hchouhan)

9 years, 10 months ago

Hello chronotrigga,

I’m sorry to know you faced such an issue. Please rest assured that our plugin had no such security issue including the old versions. We properly test our plugins and there have been no instances where such an attack was done through our plugin.

Viewing 1 replies (of 1 total)

The topic ‘PHP Shell Script Infection with this plugin’ is closed to new replies.

1 reply
2 participants
Last reply from: Harish Chouhan
Last activity: 9 years, 10 months ago
Status: resolved