Support » Plugin: Tag Groups » Virus detected in tags pages

  • Resolved artyus

    (@artyus)


    Hello!

    Some of the tags created by your plugin are blocked by the antivirus. When trying to follow the link to the page of these tags from the frontend, a warning appears that this page is infected with JS: Downloader-PY [Trj] (see screenshot).

    Avast Free Antivirus is used.

    Can you clarify the situation?

    Respectfully,
    Farid Taziev.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Chris

    (@camthor)

    Hi,

    This plugin does not create any tags. Does Avast tell you about the location of that specific file? If there is anything wrong, it sounds like a more general problem. The virus could be somewhere else on your site.

    Is there any information why you think that it has to do with this plugin? If you installed it from WordPress.org it should be exactly the code that is available here. (And it is open source so everyone can check it.)

    It is possible that the files were infected on your site. You could entirely remove the Tag Groups plugin and then install a clean version from https://wordpress.org/plugins/tag-groups/. If you still see the warning from the virus scanner, then the problem comes from somewhere else.

    Plugin Author Chris

    (@camthor)

    PS: I assumed before, that you downloaded the plugin from here (directly or through your Plugins page), version 1.31.0. Some sites offer the plugin for download, but they add bad code, so please make sure you use only sources that you can trust. I just mention it to make sure that you have the original file.

    Thanks for the quick response.

    Yes, I have not formulated the problem correctly. I used at the same time both your plugin for tag organizer and the “Custom Post Type UI” to create custom tags. Therefore, it is difficult to immediately understand which plugin caused the problem on some of the tag archive pages.

    All plugins on the site were installed in the official way from the WordPress.org site, also a powerful protection system (Wordfence) was initially installed and configured on the site, so the possibility of external infection is excluded (if Wordfence does not work, then not only my sites are at risk, but also several million other sites using it).

    Ok, I’ll try to contact with developers of “Custom Post Type UI”. Then, for now, we will assume that this is their problem.

    Have a nice day!

    Plugin Author Chris

    (@camthor)

    Thanks!

    I think that the people of “Custom Post Type UI” will also write something similar. 🙂

    If that would happen on my site, I would 1. make a complete backup and mark the backup as “infected” (keep the wp-content/uploads separately), 2. remove all files and 3. install a fresh WP and everything newly.

    You could also use a plugin like Wordfence to scan all files on your server.

    The “door” how the virus managed to enter your site could be totally different from the place where you find it now. The problem could even be on your server somewhere else. Viruses usually “hide” in somebody else’s code.

    I understand all this, and the site has been fully tested for viruses on numerous occasions, but Wordfence finds nothing. Backups are also made regularly.

    Perhaps the problem is precisely in the “Custom Post Type UI”: their plugin, despite over 800 thousand active installations, is currently marked as not having confirmation of compatibility with the current version of WordPress. Maybe that’s the reason.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.