Security problems with this one.

  • nightscribe

    (@nightscribe)


    7 years ago

    I don’t see anything else posted, and if you try to contact the author, you get pitched for a bunch of services that have nothing to do with the plugin.

    I installed this plugin on a site I built for a veterinarian’s office. That site, along with several others, was hacked, and malicious content was planted, specifically links to porn sites. I had to reconstruct most of the site to recover it, but when I got everything running again, I noticed that all of the search terms the plugin was registering were requests for porn material–a fairly long list, in fact.

    I uninstalled the plugin, believing that the search terms were left over from when the site had been hacked and the crawlers hadn’t updated the info. But when the terms kept coming back after several days, I looked in the database and found that the plugin had left all of its residue behind, even though I deleted it and asked that all related files be removed.

    I believe this is a serious shortcoming in this plugin–you should not have to remove data after deleting any plugin, and my experience is a good case in point for why.

Viewing 1 replies (of 1 total)
  • Plugin Author artifex404

    (@artifex404)

    7 years ago

    Sorry to hear that your sites were hacked. However, security is something that is taken seriously in this plugin.

    Do you have any logs or traces that this plugin is vulnerable to some attacks?

    Not removing the data on plugin uninstallation is a deliberate action, so that people could re-install the plugin without losing the data.

Viewing 1 replies (of 1 total)
  • The topic ‘Security problems with this one.’ is closed to new replies.