1. mdjasper
    Posted 2 years ago #

    My site was hacked via this plugin enabling hackers to gain access to phpsendmail and distribute pornography via our wordpress installation.

    {CAV}PHP.Trojan.Spambot : /wp-content/plugins/tell-a-friend/ticketkRS.php
    {HEX}php.cmdshell.unclassed.344 : /wp-content/plugins/tell-a-friend/tell-a-friend.php

    tell-a-friend.php http://pastebin.com/nDKMMjMu

    ticketRS.php http://pastebin.com/8xR03AAs

    BIndex.php http://pastebin.com/6aMfuffN


  2. The Hack Repair Guy
    Posted 2 years ago #

    A relatively comment event. Hacker likely gained access to your FTP account and uploaded the files or used your Admin password to add their own plugins.

    Changing password for everything would be my first thing to do.

    As a side note, the poor rating of this plugin may be a good lesson learned as well.

  3. melmelao
    Posted 1 year ago #

    What a coincidence, happened here too. I work in IT and know for a fact that these things may happen. But as a developer it is very irresponsible on your part to answer and just say "these things happen" and not even take a look at your own files. I will make sure my client does not install any more suspicious plugins without the proper research in the future, but at the same time YOU as the developer should take a look at your own code.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Tell A Friend: Share/Bookmark/Email/Social Bookmarking Button
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic