[Plugin: Extended Comment Options] Vulnerability? getting risky emails with links re this plugin
Hi – just flagging that it looks like websites that use this plugin may be used for scams. Possibly a vulnerability in the plugin?
I got an email from someone I hardly ever communicate with, with just this link, so I started googling, intrigued as to what the problem was, and found mention of hacked Gmail accounts in the last couple of days, listing links also with this plugin listed.
I also just received a link from a client’s Yahoo account (mass emailing) forwarding to a “friends.php” link inside a WP installation w/ Extended Comment Options.
OP – I’d recommend removing the full path to the image.php?miss164.jpg etc. – if anyone here clicks that they may be exposed to malicious software.
To the plugin developer, I’d look into this.
Reported up the chain for a review if it’s the plugin or just the folder they’re picking on.
It’s possible that the plugin’s vulnerable, but it’s also possible that it just happens to be the folder people are sticking their evil code in.
Thanks guys. I actually just received ownership of this from the original developer. I’ll take a look at it. I know I saw a lot of custom SQL in it when I looked through it earlier. I was planning on cleaning that up so I’ll look the whole thing over.
I asked Otto, who said he didn’t see anything in trunk as a problem (so that’s good!)
Not sure, but I think this is just a coincidence… e.g. somehow someone compromised your site and stuck some code in that file (or created a new file). I got an email from a friend at yahoo (had his account hacked) with this link: http://inscoremusic.com/wp-includes/piecemaker-images/info.php?coffee176.jpeg
I didn’t go to it because it was suspicious, and it looks similar to your link.
I’ve seen this with a few different hacked email accounts from various people. Not always from this plugin, but the same idea… [name].php?[image] must be a common exploit?
Yeah, layotte, I think that’s the case. People used to target Akismet that way (since they knew it’d be there). I don’t know if there’s anything you can do to prevent it, without actually seeing someone’s copy of a corrupt file.
If you have one, post it to pastebin.com and share 🙂
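A small defender-side triage check, added here as an example and not code from this thread, the plugin or WordPress: it flags links of the `[name].php?[image]` shape the posters describe (a .php file inside a plugin or wp-includes folder called with a bare image filename as its query string), and lists .php files sitting in upload or image folders of a WordPress install, where executable code does not belong. The hosts and the `some-plugin` folder name in the sample links are constructed placeholders.

```python
import os
import re
from urllib.parse import urlparse

# Constructed sample links modelled on the shapes described in this thread.
# Hosts and the "some-plugin" folder name are placeholders, not values from the thread.
SAMPLE_LINKS = [
    "http://example.invalid/wp-content/plugins/some-plugin/friends.php?miss164.jpg",
    "http://example.invalid/wp-includes/piecemaker-images/info.php?coffee176.jpeg",
    "http://example.invalid/wp-content/plugins/akismet/akismet.php?action=view",
    "http://example.invalid/2012/05/some-post/",
    "http://example.invalid/wp-admin/admin-ajax.php?action=heartbeat",
]

WP_CODE_DIRS = ("/wp-content/plugins/", "/wp-content/themes/", "/wp-includes/")
# A query string that is nothing but an image filename: no key=value pairs at all.
BARE_IMAGE_QUERY = re.compile(r"^[\w-]+\.(jpe?g|png|gif)$", re.IGNORECASE)


def classify_link(url):
    """Return 'suspicious' for the [name].php?[image] shape inside a WP code folder, else 'ok'."""
    parsed = urlparse(url)
    path = parsed.path.lower()
    if not (path.endswith(".php") and any(d in path for d in WP_CODE_DIRS)):
        return "ok"
    # Legitimate WordPress endpoints pass key=value parameters; a query that is just
    # an image filename is the redirector pattern the posters received by email.
    return "suspicious" if BARE_IMAGE_QUERY.match(parsed.query) else "ok"


def triage(links):
    """Return only the links that match the suspicious pattern, in input order."""
    return [u for u in links if classify_link(u) == "suspicious"]


def find_php_in_asset_dirs(root):
    """Server-side check: .php files under wp-content/uploads or any folder whose name
    contains 'image'. Treat hits as a review list, not proof of compromise."""
    hits = []
    for dirpath, _, files in os.walk(root):
        norm = dirpath.replace(os.sep, "/").lower()
        if "/wp-content/uploads" in norm or "image" in os.path.basename(norm):
            hits.extend(os.path.join(dirpath, f) for f in files if f.lower().endswith(".php"))
    return sorted(hits)


if __name__ == "__main__":
    for link in triage(SAMPLE_LINKS):
        print("suspicious:", link)
```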
Hello, I just got an email with a link to