WordPress.org

Support

Support » Plugins and Hacks » Slick Social Share Buttons – SQL Injection Attack

Slick Social Share Buttons – SQL Injection Attack

Viewing 8 replies - 1 through 8 (of 8 total)
  • Hi,

    1. This may be aa problem either with WordPress or another plugin. There shouldnt be any errors with the buttons plugin that would cause this.

    2. No – this is a false warning generated by the overly sensitive firewall plugin. Just add the plugin to the firewalls whitelist

    3. Check internet for explanation but as per point 2 this plugin is not a security risk.

    Also next time I would appreciate not including my name in the title with such a “warning”. My name isnt used as the author of the plugin on this site so why would you want to be so blatant?

    Thanks for the reply remix4.

    Please let me clarify.

    First, my blog has was alright until I installed this plugin. I received non-stop firewall email warnings after I installed this plugin.

    Second, the firewall warnings specifically mentioned this plugin. I have more than 15 plugins in my blog.

    Third, the plugin could NEITHER be activated NOR deleted in WordPress. Why would that be the case?

    I appreciate your response and suggestion to whitelist it, but it doesn’t remove the fact that the plugin cannot be activated nor deleted, and that’s scary, while I repeated receive warnings.

    If anyone were to be in my shoes, they would feel the same concern.

    Separately, I consulted other experts who suggested I deleted the plugin through Filezilla to access my host files, and since deleting, the non stop string of attack notifications have stopped.

    Are you able to shed any light on this? I am not technical and so appreciate guidance on this matter, in case other plugins cause similar situations in future.

    Thanks and appreciate your views.

    As I mentioned the alerts are caused by an overly sensitive firewall plugin. Until it is added to the whitelist it will continue to produce these alerts.

    You can go ahead and just delete the plugin folder via FTP and this will automatically remove the plugin.

    Thank you for the response.

    As I also mentioned, the plugin could not be Activated NOR Deleted.

    That’s why it was worrying. It was sitting there, whilst the notifications came flying in.

    What might be the reason as to why this specific plugin could not be activated nor deleted in the wordpress backend/dashboard?

    Thanks for reading.

    See item 1 in original reply

    Thank you for the prompt response.

    As mentioned earlier there are more than 15 plugins in my blog.

    And only this particular plugin, upon being installed, could not be activated nor deleted. In addition, all the security warnings point specifically to this plugin. And only when this plugin was removed did the security warnings stop.

    I am curious what really happened. If it was due to other plugins, what might be the reason. I am concerned that if it was indeed due to other existing plugins, then the problem still exists even if I have deleted the said plugin.

    Pardon my ignorance as I am new and not technical, and may be asking the obvious to some of you.

    Regards

    I’ve just installed WordPress Firewall on a test site and it prevents the social share buttons plugin for being deactivated – so the problem is caused by interference from the Firewall plugin

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Slick Social Share Buttons – SQL Injection Attack’ is closed to new replies.
Skip to toolbar