Support » Plugin: flickr-slideshow-wrapper » [Plugin: flickr-slideshow-wrapper] This plug-in can be hacked

Viewing 7 replies - 1 through 7 (of 7 total)
  • Christopher Skyi

    (@wordswordsseowords)

    Forgot. The hack results in download attempts of “Exploit javascript obfuscation 1494” whenever one went to a page where this plug-in was used:

    http://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/

    Jeannot Muller

    (@jeannotmullerramgadcom)

    Did you even look at the source code? The plugin is not using anything you are mentioning here but standard function of flickr API.

    Christopher Skyi

    (@wordswordsseowords)

    “Did you even look at the source code? The plugin is not using anything you are mentioning here but standard function of flickr API.”

    Take it up with websitedefender.com, not me. They’re the ones who called the plug-in out as a high security risk for wordpress.

    Jeannot Muller

    (@jeannotmullerramgadcom)

    Nope, I’m following up with you, as the plugin doesn’t contain any file /nav-h.php. It never had and it never will. I don’t know what you did when running the test, but it is not part of the plugin.

    Christopher Skyi

    (@wordswordsseowords)

    It’s possible that hackers, once they break into the site, could see this plug-in as a good opportunity to further their attack by modifying it. Why not take the information I’ve given you and contact websitedefender or some other security expert? It can only make your plug-in better

    Jeannot Muller

    (@jeannotmullerramgadcom)

    Are you an affiliate of them? Obviously … they don’t find any issues on my site, nor does google ban me for malware for over 10 years.

    Can you please click on this topic being resolved.

    This plugin does not contain a “nav-h.php” file. The “Website Defender” is mistaken.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘[Plugin: flickr-slideshow-wrapper] This plug-in can be hacked’ is closed to new replies.