Wpadverts security breach on V. 1.5.0

  • CGC studio

    (@cgc-studio)


    4 years ago

    Hello
    One day after latest version 1.5.0 update, I had an attack via WP ADVERTS
    My host told me the following :
    “Our security systems have detected an outgoing email from your site where it detects the email as spam with this error message “Blocked (Too Many Invalid Recipients)”
    108 emails were sent today and 0 emails were sent yesterday.
    Email subject “Adverts : wneiyveyxu [email protected]
    Recipients: [email protected] and [email protected]
    Coming from the contact form https://xxxxx.com/advert/cession-de-patientele-cabinet-dentaire-holistique-paris-14eme/”

    So it means that since that version, a malware is sending emails from my domain.
    Could you please check the security of your plugin’s code and do your utmost to fix this apparent breach in your next update.
    Thank you foor informing me ASAP
    CGC

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Greg Winiarski

    (@gwin)

    Hi @cgc-studio ,
    sorry about the problem, does all of the emails look the same (that is are they sent to the same recipient with the same title and body)?

    Right now it looks like there is some kind of infinite loop while sending the message (it might be a conflict with a theme or some other plugin) rather than security breach.

    If you could send some more details via the contact form at https://wpadverts.com/contact that would be great, ideally I would like to know the answer to the question I asked above and the actual website URL if possible.

    In the meantime I would suggest downgrading to WPAdverts 1.4.6, also if you are worried that something in fact was uploaded to your website you can use Sucuri or WordFence scanner to check for malweare.

    Plugin Author Greg Winiarski

    (@gwin)

    BTW. if you will reply here please tag me so i will be notified via email about the reply.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Wpadverts security breach on V. 1.5.0’ is closed to new replies.