Title: Possible hack
Last modified: August 31, 2016

---

# Possible hack

 *  Resolved [ttomasini](https://wordpress.org/support/users/ttomasini/)
 * (@ttomasini)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/)
 * Several files were just added to my site with the following:
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/Message/PostFile.
   php
 * Is there a security issue with the plug, or do I have another problem?
 * [https://wordpress.org/plugins/updraftplus/](https://wordpress.org/plugins/updraftplus/)

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [David Anderson / Team Updraft](https://wordpress.org/support/users/davidanderson/)
 * (@davidanderson)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/#post-7123428)
 * Hi,
 * Please can you explain a bit more? I don’t understand what you mean by “with 
   the following” ?
 * David
 *  Thread Starter [ttomasini](https://wordpress.org/support/users/ttomasini/)
 * (@ttomasini)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/#post-7123544)
 * Hello David,
 * Maybe a better question is are these files legitimate in the plugin folder?
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/Message/PostFile.
   php
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/Message/RequestFactory.
   php
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/Message/RequestInterface.
   php
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/QueryAggregator/
   CommaAggregator.php
 * wp-content/plugins/updraftplus/vendor/guzzle/guzzle/src/Guzzle/Http/Message/RequestFactoryInterface.
   php
 * Thanks,
 * Terry
 *  Plugin Author [David Anderson / Team Updraft](https://wordpress.org/support/users/davidanderson/)
 * (@davidanderson)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/#post-7123556)
 * Hi Terry,
 * Yes, there are files with those names in UD.
 * That doesn’t indicate either way whether hackers have injected code into pre-
   existing files in your website, of course. (And if they have, it doesn’t indicate
   how they got in before doing so).
 * You can browse the official file list for a plugin by going to the “Developers”
   tab on the plugin page, BTW. Or by unzipping the zip from the plugin and having
   a look.
 * David
 *  [rogeriolemesp](https://wordpress.org/support/users/rogeriolemesp/)
 * (@rogeriolemesp)
 * [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/#post-7123647)
 * Is there a way to point out possible infections using the information on the 
   backup logs? I have one backup from october las year and another from march this
   year. They seem to have very different sizes.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Possible hack’ is closed to new replies.

 * ![](https://ps.w.org/updraftplus/assets/icon-256x256.jpg?rev=1686200)
 * [UpdraftPlus: WP Backup & Migration Plugin](https://wordpress.org/plugins/updraftplus/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/updraftplus/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/updraftplus/)
 * [Active Topics](https://wordpress.org/support/plugin/updraftplus/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/updraftplus/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/updraftplus/reviews/)

 * 4 replies
 * 3 participants
 * Last reply from: [rogeriolemesp](https://wordpress.org/support/users/rogeriolemesp/)
 * Last activity: [10 years, 3 months ago](https://wordpress.org/support/topic/possible-hack-4/#post-7123647)
 * Status: resolved