Security Issue w/ Injected Links
-
I have an odd issue here. I’m hosting a site that’s running the latest version of WordPress, and very few plugins, among them an older copy of WooCommerce (2.1.12, Jan 2014). The theme is MyCuisine from Elegant Themes. A couple days ago porn links started showing up in various places around the site, mostly WooCommerce pages, but also the site’s wp-login.php file (there was no malicious code in this file at all, but the links were appearing just after the login fields).
When I disable WooCommerce, all the links go away. When I reenable the plugin, they don’t come back. Has anyone seen this behavior before and perhaps know which vulnerability it may be tied to? We’re working to update the template files so we can upgrade to the latest version of WooCommerce, but I’ve been looking around for info on WooCommerce security issues and haven’t found anything like this.
Thanks.
- The topic ‘Security Issue w/ Injected Links’ is closed to new replies.
