Posting to Facebook as Whytoshy

  • Hi there! I have your plugin installed on several sites & have 2 that I’ve checked so far where it posts to FB as WhytoShy.
    My client called last night & complained because it also included a link from the Facebook post to a multi-level-marketing scam instead of the client’s blog post.
    I found a thread on WordPress forums where another user had same problem (posting to FB as Whytoshy) & a responder found that FB App ID hardcoded into the functions.php file.
    Any idea why this is happening? Any idea how to resolve? Just removing it from Functions.php is what I will do — but it seems like it’s a symptom of a vulnerability or another problem?
    Your input would be helpful — I need to know whether I can continue to use this plugin.
    Thank you!
    L

    https://www.ads-software.com/plugins/social-share-boost/

Viewing 1 replies (of 1 total)
  • gbdesign

    (@gbdesign)

    Good catch Lins. This plugin has SPAM/VIRUS links embedded in it and caused us lots of grief trying to figure out which one was the issue! It masquerades like its harmless BUT when you share a post it credits some phantom user “Whytoshy” which directly links to a spam/virus site: warning-virus-crash.com/infection.dill/ I have screenshots to prove this. Apart from this being disgusting and the worst plugins I’ve ever installed I’m shocked how it got past the www.ads-software.com team? PLEASE REMOVE this plugin from your site and the WP Repo immediately!

Viewing 1 replies (of 1 total)
  • The topic ‘Posting to Facebook as Whytoshy’ is closed to new replies.