Plugin is security risk

  • I installed a plugin my host suggested I use. It’s a backup plugin from another site. I had an issue so emailed for support,.

    They showed the log of my logging into my FTP account which included my username and pass, list of plugins on that site, plus other info NO ONE should have access to.

    Username/pass is bad enough but my plugins???

    I changed passes all around but wonder if I can make a post warning people about this. I can send admins here the log as proof. But I feel people should be aware of this plugin’s backdoor.

Viewing 8 replies - 1 through 8 (of 8 total)

  • This is why we recommend that you only download themes & plugins from a trusted source such as www.ads-software.com. Some plugins (or themes) may be malicious and deliberately designed to obtain sensitive information from your site.

    Do yourself a favour – do not download anything from “some site”. After all, we cannot control the quality of anything outside of www.ads-software.com.

    Hm, I just went to find the site as it not on this computer but my laptop.

    I got it here. My host pointed me to another backup program. Glad I didn’t slam them ??

    Google pointed me here as the first listing.

    I’d be glad to forward their email to someone. I’ve changed all passes.

    If you did not download the plugin from https://www.ads-software.com/plugins/ there is absolutely nothing we can do about this.

    I got it here meaning this site. As I explained, my host recommended another script YOUR script has the backdoor. I’m sure my Google history on my laptop has proof. I’m on my iPhone right now.

    It’s not MY script. Can you identify the plugin please?

    Thread Starter SickSquirrelTwo

    (@sicksquirreltwo)

    Well, not you personally. I meant this site offered it. I’ll send you a PM with the proof. Give me a few to grab it.

    Thread Starter SickSquirrelTwo

    (@sicksquirreltwo)

    Guess PMs aren’t available here.

    Guess PMs aren’t available here.

    Correct. ??

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Plugin is security risk’ is closed to new replies.