Vulnerability in plugin | WordPress.org

Resolved rhondasellers
(@rhondasellers)

6 years, 7 months ago
Hello,

My site got hacked and was redirecting, it appears to be due to a vulnerability in your plugin. From what I could find my wp options table got injected with the following:

[removed by moderator]

Can we get a new version out without these issues? Thank you!+
- This topic was modified 6 years, 7 months ago by James Huff.
- This topic was modified 6 years, 7 months ago by James Huff. Reason: exploit details removed
The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

Moderator James Huff
(@macmanx)

6 years, 7 months ago

Make sure that you’re running version 2.0, released 5 days ago, since it included security fixes: https://wordpress.org/plugins/wp-private-content-plus/#developers

If you already are, please send a report to plugins (at) wordpress (dot) org and do not share it on the forums, per forum rules: https://developer.wordpress.org/plugins/wordpress-org/plugin-security/reporting-plugin-security-issues/

Plugin Author nimeshrmr
(@nimeshrmr)

6 years, 7 months ago

@macmanx Thanks for the update

@rhondasellers Please update to version 2.0 and restore wp_options table to resolve this issue and protect against future attacks

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Vulnerability in plugin’ is closed to new replies.

2 replies
3 participants
Last reply from: nimeshrmr
Last activity: 6 years, 7 months ago
Status: resolved