The Sociable plugin, version Version 220.127.116.11, appears to have been hijacked today. Around 1pm Eastern U.S. time it caused our blog posts to not display the blog contents and to display what appeared to be the site navigation menu for killerstartups.com.
Here’s what it’s injecting into the source
[Moderator Note: Please post code & markup between backticks or use the code button. Your posted code may now have been permanently damaged by the forum’s parser.]
I’m having the same issue on my site and not sure what to do. Guidance would be appreciated.
Simply disable or cancel installation untill resolved vulnerability. Also my site this night, 2013 sept 19, was hijacked. Resolved disabling and deleting.
There’s only one thing for it. You must disable the Sociable plugin.
I hate to say it, but the fact that these guys haven’t addressed the breach or done anything about it means they aren’t looking after their plugin any more. Just as well to find an alternate solution, of which there are many 🙂
Erh…. this plugin is only compatible/tested up to 3.3.2 … which would anyone still be running the code…? I mean, I’on ok running 3.5.x tested stuff, but 3.3 ?
- The topic ‘You're aware you've been hacked?’ is closed to new replies.