aewing2021

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter aewing2021

    (@aewing2021)

    Yes, this was the same hack @valhard – redirect malware. Our sites were hit between 12pm and 4pm UK time.

    @dougp2021 – do a backup restore before updating the plugin. If you don’t have one then do a fresh WP core install and check the uploads folder for wp-stream.php and _lcl file – ours were in the root oof the uploads folder. There was also an injection in the WP root index.php file.

    Thread Starter aewing2021

    (@aewing2021)

    I can confirm that this related to patching to 2.07 version and that the issue is resolved with the latest update as far as we can see.

    We had to do full back-up restores, although so far as we could see the injection was into the file structure as opposed to the database.

    I would urge anyone to update all their sites running QuadMenu to 2.07 immediately. The security backdoor can still be exploited even if the plugin is installed but deactivated.

    A software update should suffice and mean no deactivation is necessary.

    Hopefully, that helps anyone else reading this who has experienced this issue.

    • This reply was modified 4 years ago by aewing2021.
Viewing 2 replies - 1 through 2 (of 2 total)