Plugins Hacked? (3 posts)

  1. gramey
    Posted 3 years ago #

    I just experienced something really odd on my multisite installation. I logged in to install a new plugin and noticed that there were a lot of plugins listed that I had not installed on my site. One of them really stood out because the description was in Russian. None of the plugins that I hadn't installed were activated. I have hardened passwords on my superadmin account but, just in case, I changed the password and logged back in. This time when I looked at the plugins, the ones that I hadn't installed were gone. I looked at the site via FTP and the only plugins there were the one's that I had installed.

    This has really got me baffled. Has anyone else experienced this?

    By the way, I have a WordPress firewall installed and a plugin that will limit login attempts. I have seen some activity recently but the firewall has reported that it blocked the attacks and the login attempts have been blocked.

  2. I've never seen that before. Are you sure the plugins aren't just installed and non-active on the network?

  3. The Hack Repair Guy
    Posted 3 years ago #

    Have you since changed all of your passwords, including your FTP password?

Topic Closed

This topic has been closed to new replies.

About this Topic