Suspected malware URL in readme.txt

Viewing 3 replies - 1 through 3 (of 3 total)

  • I received the same message from WordFence. I fixed the problem and deleted the plugin until I could learn more.

    It looks like one of the plugin translators has the URL for designcontest.com alongside their credit in readme.txt. Doing a quick Google search, that site may have been hacked years ago. Perhaps it’s on a blacklist somewhere that Wordfence uses.

    The offending section of readme.txt:

    Translators who did a great job converting the text of the plugin to their native language. Thank you!
...
* [Alexander Alexandrov](https://www.designcontest.com/) (Belarusian)

    I’ve deleted the readme as a precaution, but there’s no malicious code that I’ve discovered.

    WordFence said it was on a Google Blacklist, but I just checked and it must not be any longer. Thanks for the feedback.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Suspected malware URL in readme.txt’ is closed to new replies.