abossola

Indeed removing some of the IPs resolves the issue. Unfortunately, they just keep coming back so the only option is to disable the ban list for now. Thanks for the heads up on the upcoming fix. Seems like they need to be stored in the DB somehow. UGH. Probably not an easy fix…

we are having the same issue. The plugin works perfectly except for the lack of detailed errors to the customer. The errors for admin are detailed but for some reason the end-user does not get detailed errors.

oops, this was another accessibility plugin NOT THIS ONE.

This one is perfectly fine.

My apologies.

I’ve found 4 sites using https://www.ads-software.com/plugins/wp-accessibility/ that are hacked. 3 on different servers and 2 more, both of which I don’t even manage or have anything to do with. The Sucuri Scanners are showing the same exploits. Either that or there was a hole somewhere else. I’m guessing its this plugin since they all share this same common denominator. I let the plugin devs know but no reply yet.

they all seemed to have a similar exploit as seen here https://share.getcloudapp.com/Jru7WZA8

once I deleted the plugin the actual root of the cause was gone. At that point, there was an injection of some kind. To add further headache, out of nowhere an admin user was created using some sort of fake WooCom email address.

All 3 sites seemed to be running different versions of WooCommerce too. I suppose it very well could be Woo related as well but the fact it was nested in the plugin was sort of a red flag to me.

We were running the latest versions of WP Accessibility Helper. Usually, I can sniff out the malicious code but this was really sneaky. I reported to Sucuri but unfortunately, I had deleted the plugin prior to the cleanup.

We were using the latest version of WordPress too. All other plugins were updated too.

the footer had a big gap in it and there were some weird iframes like so https://share.getcloudapp.com/04ugKEmZ. They were being created by this https://share.getcloudapp.com/7KuyRQL1

Hope that helps.

I don’t mean to cause alarm but if its a glaring hole hopefully we can knock it quickly.

And sorry I half posted info… I accidentally posted the rest of the info to another similarly named plugin… oops.

• This reply was modified 5 years, 3 months ago by abossola.

I totally agree. The fact that all these sites use this and the hack was in that plugin just seemed like a red flag. I didnt mean to post twice. Its been a long day… I will shoot you an email now. Id like to keep using this and appreciate the work you put into it.

Sure thing, they all seemed to have a similar exploit as seen here https://share.getcloudapp.com/Jru7WZA8

once I deleted the plugin the actual root of the cause was gone. At that point, there was an injection of some kind. To add further headache, out of nowhere an admin user was created using some sort of fake WooCom email address.

All 3 sites seemed to be running different versions of WooCommerce too. I suppose it very well could be Woo related as well but the fact it was nested in the plugin was sort of a red flag to me.

We were running the last versions of WP Accessibility too. Usually, I can sniff out the malicious code but this was really sneaky. I reported to Sucuri but unfortunately, I had deleted the plugin prior to the cleanup.

We were using the latest version of WordPress too. All other plugins were updated too.

Hope that helps.

I don’t mean to cause alarm but if its a glaring hole hopefully we can knock it quickly.

Looks like the Share feature is not working either. Actually all of this is ONLY in Chrome…

• This reply was modified 5 years, 3 months ago by abossola.

I even noticed a site that i dont manage using it is hacked. I could be wrong but its worth making sure this is looked into.

The one for your theme
https://www.converticacommerce.com/support-maintenance/how-to-edit-functions-php-in-wordpress/

Just add it to the functions.php file.

Yes, using the latest version of WordPress and WooCom.

@smokingblends

You can use the same snippet above to add a Global identifier using Null as the value. Its not ideal but it works and removes the warnings.

add_filter('woocommerce_structured_data_product', function($markup, $product) {
	$markup['gtin13'] = 'null';
	$markup['brand'] = 'Kats Botanicals';
	return $markup;
}, 9, 2);

This seems to work for us….

add_filter('woocommerce_structured_data_product', function($markup, $product) {
	$markup['brand'] = 'Kats Botanicals';
	return $markup;
}, 9, 2);

BTW I reached out to Klaviyo support. Here was their reply:

We have reached out to WooCommerce to update the version of the plugin found in their plugin library!

I suggested they need to have their developers manage the plugin in the repo not ask Woo to do it.

I also asked that they take over the Gforms addon too. (A guy can dream right?)

• This reply was modified 5 years, 7 months ago by abossola.

Ugh, looks like we are both chasing our tails for some pretty useful functionality thats seemingly abandoned. Its a real shame Klaviyo doesnt support this or take over the Gforms addon. I can only imagine how many WordPress users they have… following…

yeah I was worried about that. Hopefully its not abandoned.