Ads displaying when active

hackrepair
(@hackrepair)

5 days, 13 hours ago

I’m only posting in case someone is/has experiences unexpected Ads appearing in the footer when installed:

=== Grow for WordPress ===
Contributors: teamgrow
Tags: social, sharing, grow, subscribe
Requires at least: 5.2
Tested up to: 6.8
Requires PHP: 7.4
Stable tag: 1.5.3

A client of mine had this plugin installed in three sites, and all three had Ads displaying in the footer (with a malicious redirect in some ads).

Viewing 5 replies - 1 through 5 (of 5 total)

wpopt
(@wpopt)

4 days, 15 hours ago

I should point out that I’m not a Grow developer, but I came across this and wanted to comment.

Am I missing something here – ads aren’t served from Grow, they’re going to be served from the ad network script (if this customer is a Mediavine or Mediavine Journey customer then they’ll have a Mediavine control panel plugin installed).

Have you verified that the ads are being output by Grow?

Furthermore, while undesirable, despite their best intentions, malicious ads can slip through ad networks’ checks. We get a handful of reports every year from people who think they’ve been hacked because of a weird redirect or popup, when in fact it’s always caused by a rogue ad. Such behaviour should be reported to the ad network immediately so they can identify and remove the offending ad!
Thread Starter hackrepair
(@hackrepair)

4 days, 15 hours ago
Yes, that was the main purpose of my post. I’m not pointing fingers. I’m only reporting to the community that on three separate websites (one on a separate unaffiliated web host), a malicious redirect was occurring on each of the three sites (rather randomly).

[Mediavine control panel plugin is not installed on any]
- This reply was modified 4 days, 15 hours ago by hackrepair.
wpopt
(@wpopt)

4 days, 14 hours ago
Which ad network, if any, does this user use? I’m not super familiar with Grow, I don’t know if it takes the place of the Mediavine control panel and outputs the script wrapper into the site itself.

You’re being a bit sparse with details – if the sites are *supposed* to have ads showing on them, then a malicious ad needs to be reported to the ad network. It’s not something directly related to this plugin and so reporting it here isn’t the appropriate location for that.

If the sites are *not* supposed to have ads, then this is the appropriate place to report such an issue, assuming you have correctly ascertained that it is indeed this plugin which is responsible for outputting those (and assuming the display of ads isn’t detailed in their terms of use somewhere – in which case the issue still needs to be reported directly to Mediavine)
- This reply was modified 4 days, 14 hours ago by wpopt.
Thread Starter hackrepair
(@hackrepair)

4 days, 14 hours ago
1. Ads displayed with periodic redirects when the plugin is active.
2. Stops when the plugin is deactivated.
3. It’s much harder to determine which ads are doing the redirect, as they’re always rotating, etc. By the time the redirect occurs, that “ad” had “fled the scene.”
4. True, I could dedicate hours to monitoring and try to ID the specific ads… But that was not the purpose of this post…
- This reply was modified 4 days, 14 hours ago by hackrepair.
wpopt
(@wpopt)

4 days, 14 hours ago

You didn’t mention whether or not these sites are supposed to have ads or not – if they are then I assume Grow is responsible for outputting the script wrapper which serves ads on the site, so the presence of ads in itself isn’t indicative of a problem.

As mentioned, if the sites are not supposed to have ads then this would need to be addressed by the plugin developer.

I’m sorry – I’m not trying to be difficult to you – I’m just a strong believer in clear, well-defined scopes and issue descriptions 🙂

Viewing 5 replies - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.