Plugin css-ready-sele vulnerable?
-
Hey, i seen a lot wordpress sites that are using the plugin css-ready-sele and most of them are compromised so that a hacker can hosting a phishing attack over it and also spread backdoors over the webspace. So could anyone please check this plugin if its vulnerable and fix it. i’m workin for a webhoster and i felt that you should know this issue before your wordpress site is also used for a phishing attack. what i know that every compromised account has a zu.php in the main-wp-folder and short before the css-ready-sele plugin was installed. Also there are some files in the wp-admin folder this is the place where mostly the phishing content has been found. Thanks and keep your wordpress clean :)
-
Hi there,
I would suggest you start a thread at WordPress.org Forum,
Also, check the difference between WordPress.com Vs WordPress.org in our support document here: https://en.support.wordpress.com/com-vs-org/Thanks!
-
Hi again,
Please don’t post the plugin issue publicly in WordPress.org Forum, instead follow the instruction below:
If you find a plugin with a security issue, please do not post about it publicly anywhere. Even if there’s a report filed on one of the official security tracking sites, bringing more awareness to the security issue tends to increase people being hacked, and rarely speeds up the fixing.Please email (email visible only to moderators and staff) with a clear and concise description of the issue. It greatly helps if you can provide us with how you verified this is an exploit (links to the plugin listing on sites like secunia.com are perfect).
For more information please visit:
Thanks!
-
For the email address where you can report is available on this page:
Thanks!
-
- The topic ‘Plugin css-ready-sele vulnerable?’ is closed to new replies.
WordPress.com Forums 