needed to deactive plugin due to hacking

  • Roeland Sanctorum

    (@roelandabovesecondbe)


    4 years, 7 months ago

    Hi,

    Our server suffered an attack through your plugin in one of our websites. After updating all to latest version attack restarted.
    so, for now have uninstalled your plugin, need to verify some 100 other websites if same problem occurs…
    Although our Defender plugin wasn’t reporting any malicious files the Flamingo plugin still acted weardly.
    In the logfile of Defender I found this:
    Description
    Guest added new Flamingo Inbound Message “[your-subject]”

    Context
    Flamingo Inbound Message
    Type
    content
    Ip Address
    196.52.84.46
    User
    Guest
    Date / Time
    March 31, 2020 8:12 am

    Our server logfile was reporting this issue:

    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57950’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61007’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60406’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57951’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60407’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61008’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57952’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60408’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57953’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61009’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60409’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57954’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61010’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60410’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57955’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61011’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57956’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60411’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57957’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60412’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61012’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57958’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60413’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61013’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57959’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60414’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61014’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57960’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60415’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57961’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61015’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60416’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57962’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61016’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60417’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57963’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61017’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60418’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57964’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61018’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57965’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60419’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    715 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-57966’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    712 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-60420’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1
    710 Query SELECT post_name FROM bbas19nov2019_posts WHERE post_name = ‘your-subject-61019’ AND post_type = ‘flamingo_inbound’ AND ID != 0 LIMIT 1

  • The topic ‘needed to deactive plugin due to hacking’ is closed to new replies.

Tags