Plugins Hacked? | WordPress.org

gramey
(@gramey)

11 years, 8 months ago

I just experienced something really odd on my multisite installation. I logged in to install a new plugin and noticed that there were a lot of plugins listed that I had not installed on my site. One of them really stood out because the description was in Russian. None of the plugins that I hadn’t installed were activated. I have hardened passwords on my superadmin account but, just in case, I changed the password and logged back in. This time when I looked at the plugins, the ones that I hadn’t installed were gone. I looked at the site via FTP and the only plugins there were the one’s that I had installed.

This has really got me baffled. Has anyone else experienced this?

By the way, I have a WordPress firewall installed and a plugin that will limit login attempts. I have seen some activity recently but the firewall has reported that it blocked the attacks and the login attempts have been blocked.

Viewing 2 replies - 1 through 2 (of 2 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 8 months ago

I’ve never seen that before. Are you sure the plugins aren’t just installed and non-active on the network?

The Hack Repair Guy
(@tvcnet)

11 years, 8 months ago

Have you since changed all of your passwords, including your FTP password?

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Plugins Hacked?’ is closed to new replies.

Tags

In: Networking WordPress
2 replies
3 participants
Last reply from: The Hack Repair Guy
Last activity: 11 years, 8 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics