WordPress.org

Forums

Zingiri Web Shop
Watch out for security issue! (3 posts)

  1. Joy
    Member
    Posted 1 year ago #

    There must be a security vulnerability in this plugin, because my 404 log shows it and I have only one plugin: Better WP Security.
    The URL that they couldn't find was /wp/wp-content/plugins/zingiri-web-shop/fws/ajax/init.inc.php

    http://wordpress.org/plugins/zingiri-web-shop/

  2. Gwyneth Llewelyn
    Member
    Posted 1 year ago #

    Using BulletProof Security, which logs many 'suspicious' calls, I have also detected some calls to:

    /wp-content/plugins/zingiri-web-shop/fwkfor/ajax/uploadfilexd.php?fh=/../../../../../../wp-admin

    In my case, fortunately the hackers have been targeting the wrong website, because that one didn't have Zingiri installed.

  3. zingiri
    Member
    Plugin Contributor

    Posted 1 year ago #

    That's an old security issue, you're best to upgrade to the latest version of the plugin or if you're not using it, then delete the plugin files.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Zingiri Web Shop
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic

Tags