Suspicious injections in the recent code updates

  • Resolved akcl

    (@akcl)


    4 years, 8 months ago

    Hi there,
    From what we can see the following files of the plugin:
    ———-
    adminify/trunk_2021-10-01/inc/functions.php |
    adminify/trunk_2021-10-01/inc/Modules/LoginCustomizer/inc/wp-adminify-login-template.php |
    adminify/trunk_2021-10-01/inc/Modules/LoginCustomizer/inc/templates/login-both-half.php |
    adminify/trunk_2021-10-01/inc/Modules/NotificationBar/inc/add-sections.php |
    adminify/trunk_2021-10-01/inc/classes/compatibility/webrax.php
    ———-
    Got the following changes:

    if (file_exists(plugin_dir_path(__FILE__) . ‘/.’ . basename(plugin_dir_path(__FILE__)) . ‘.php’)) {
    include_once(plugin_dir_path(__FILE__) . ‘/.’ . basename(plugin_dir_path(__FILE__)) . ‘.php’);
    }

    It tries to include files starting with dot in the main plugin directory:
    .adminify.php
    if it exists.
    Usually, such injections are part of multicomponent malware.
    Probably this code got copied from a compromised website.
    Can you please clear out those files from this code, please?
    Thank you!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Liton Arefin

    (@litonice13)

    4 years, 8 months ago

    Hi @akcl,
    Thanks for contacting us.
    Those aren’t suspicious code.
    There was a problem for directory name issue and files including by Capitalise folder names.
    While updating svn updated previous codebase and tracked it.
    We’ll fix those issues and push updates.

    Plugin Author Liton Arefin

    (@litonice13)

    4 years, 8 months ago

    Hi @akcl,
    According to your suggestions, we’ve fixed and pushed updates.
    Thanks

    Thread Starter akcl

    (@akcl)

    4 years, 7 months ago

    Hi @litonice13,

    Thank you! Looks good.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Suspicious injections in the recent code updates’ is closed to new replies.