Support » Plugin: Cart2Cart: WP e-Commerce Shopsoftware to WooCommerce Migration » This is malware!!!!!!!!!!!!!!!

  • Be warned, do NOT download this plugin. It phones home, downloads a file and then extracts it to your server. Reporting this plugin for removal! This is a gigantic hack/backdoor.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    That’s a very serious accusation. If you have real proof (and your site being compromised isn’t proof) please send the technical details to the plugin team at plugins [at] wordpress.org and that will be investigated.

    Plugin Author Cart2Cart

    (@cart2cart)

    Hello guys,

    We’re afraid it’s some kind of bitter misunderstanding. A file which is downloaded is a Connection bridge – it is used to retrieve products/customers/orders from your Source store and transfer them to a Target store. With each Connection Bridge, we provide a unique Security Token (32 digit) assigned to your account during the registration. Such measure will let no user, except you, access your database.

    It phones home in order to get the latest bridge version. In the near future, we are going to change this functionality and add a Connection bridge to the archive so that we will avoid phoning home.

    Sorry for confusion.

    Best regards,
    Cart2Cart Team

    Plugin Author Cart2Cart

    (@cart2cart)

    Hi again,

    We’ve taken into account your suggestions and reuploaded all our migration modules with the Connection Bridge files zipped into modules themselves. As the result, Cart2Cart migration modules do not phone back home to download the bridge anymore.

    We hope it will help us avoid similar misunderstandings in the future. Thank you for contributing into improvement of Cart2Cart!

    Kind Regards,
    Cart2Cart team

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘This is malware!!!!!!!!!!!!!!!’ is closed to new replies.