[Plugin: Slideshow Gallery Pro] Malware Target?

  • I was notified by my hosting provider (Dreamhost) that one of my WP installs had been (possibly) compromised. The file of concern was ../wp-content/uploads/slideshow-gallery-pro/oldtemp.php, which did have weird permissions and ownership.

    Not to be alarmist or anything, but if you are using this plugin, you might want to check your setup and see if that file is a problem for you.

    https://www.ads-software.com/extend/plugins/slideshow-gallery-pro/

Viewing 1 replies (of 1 total)
  • Plugin Author cpres

    (@cpres)

    Thank you for bringing this to my attention!

    I am the contributor of the plugin and haven’t heard of this before. If anyone out there can help me make that folder more secure and still allow my plugin to upload images to it that would be very helpful!

    As far as the uploader is concerned it only allows png, jpg, gif. So it accessed that folder in a different way.

Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Slideshow Gallery Pro] Malware Target?’ is closed to new replies.