plugin hacked, i think

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Andrew Ozz

    (@azaozz)

    No, this has nothing to do with TinyMCE Advanced. This plugin is not accessible/doesn’t do anything unless the user is an administrator and is logged in.

    Unfortunately disabling/removing it won’t clean your site. More info: https://codex.www.ads-software.com/FAQ_My_site_was_hacked.

    Thread Starter rob2k

    (@rob2k)

    Thank you for the prompt reply.

    You may well be right as I’m no expert, although I am Admin for all the infected sites.

    However, after disabling TinyMCE Advanced, and using WP Edit instead, I have yet to see the SPAM link again on any of my WP sites.

    Previously it would appear randomly and my users reported it.

    I’ve had no reports since I changed to WP Edit.

    Thread Starter rob2k

    (@rob2k)

    Well, it seemed to work but then it came back intermittently.

    Either the sites are just infected now and I’ll have to rebuild from scratch or it’s something else.

    I started to suspect Customize Meta Widget as it’s very new version 0.2

    So I’ve disabled that and it seems to have worked, again!

    Plugin Author Andrew Ozz

    (@azaozz)

    Yeah, unfortunately you will need to clean everything properly and “close the door” from where they got in. First step is to contact your hosting company, see if they can restore a known good backup, etc.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘plugin hacked, i think’ is closed to new replies.