cdn.polyfill.io Malware issue in the plugin

Viewing 5 replies - 1 through 5 (of 5 total)

  • I am seeing this as well.

    See this for more info on the attack: https://polykill.io

    The easiest solution would be to change the domain to CloudFlare’s safe mirror: https://cdnjs.cloudflare.com/polyfill

    …or just remove the polyfill assuming you don’t have to support IE11: https://caniuse.com/promises

    Came here to mention that we scanned our hosting and found cdn polyfill.io being used by this plugin. Hope they can update this as soon as possible.

    Thread Starter most1879

    (@most1879)

    I have removed that from the plugin file, but you need to solve this before the next update, or it will happen again, am I correct?

    Plugin Support Saiful Islam

    (@saifislam01)

    Hi @most1879, @contrid, @rtvenge,

    Thank you for bringing this issue to our attention. I have escalated it to our development team. I hope they will address and resolve this in the next release.

    Your patience and continued support are appreciated.

    Best regards,

    Plugin Support Saiful Islam

    (@saifislam01)

    Hi?@most1879,?@contrid,?@rtvenge,

    We are pleased to announce the release of the latest version of WP User Frontend free (v4.0.8). This update addresses and resolves previously reported Polyfill issues.

    We highly recommend updating to WP User Frontend Free (v4.0.8) at your earliest convenience. Should you encounter any issues following the update, please do not hesitate to inform us.

    Thank you for your continued support.

    Best regards,

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.