website hacked and put virus on by someone that is working with wordpress

• 

  cnanco · Member · Oct 8, 2020 at 6:51 pm

  • Copy link
  • Add topic to favorites

  need you to please contact me asap

• 

  staartmees · Member · Oct 8, 2020 at 7:01 pm

  • Copy link

  Wordpress.com doesn’t have phone support. We can only help with sites running on the wordpress.com platform. What is the URL of your site?

• 

  cnanco · Member · Oct 8, 2020 at 7:47 pm

  • Copy link

  http://www.prodyntech.com we use Bluehost but used 24x7wpsupport.com to help design somethings for our website and after they did we started getting calls from customers saying there were inappropriate content popping up I have screen shots of the content and have sent the employee that put it on there and they deny knowing the employee. my second problem is that the plugins that the person / employee downloaded were to duplicate pages and website I just want to make sure that this gets addressed right away but I cant seem to get anyone to help or take responsibility for it. PLEASE HELP!

• 

  cnanco · Member · Oct 8, 2020 at 7:51 pm

  • Copy link

  This is one of the plugins downloaded WP File Manager the persons user name is mndpsingh287 his profile link is https://profiles.wordpress.org/mndpsingh287.

  the second one plug in that was downloaded is Duplicate Page same person or user name downloaded it.

• 

  staff-blorbo · Staff · Oct 8, 2020 at 10:55 pm

  • Copy link

  We do not offer phone support, and to clear up any confusion, WordPress.com and WordPress.org are two different entities: https://wordpress.com/support/com-vs-org/

  With that said, I have passed a report on this plugin developer to the Plugins Team over there.

  Additionally, we have absolutely no relationship with 24x7wpsupport, and neither does WordPress.org. Though they claim to be “official WordPress support” from time to time, that is a lie.

  WordPress.org has complete documentation for self-hosted/installed versions of WordPress.org at https://wordpress.org/support/ and support at https://wordpress.org/support/forums/

  Generally, they recommend that you carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.

• 

  staartmees · Member · Oct 9, 2020 at 6:50 am

  • Copy link

  The WP File Manager had a severe securityproblem, https://securityboulevard.com/2020/09/wordpress-websites-attacked-via-file-manager-plugin-vulnerability/

• 

  staff-blorbo · Staff · Oct 9, 2020 at 6:41 pm

  • Copy link

  In general, I recommend avoiding file manager plugins (it’s just way too much access to trust to someone else’s code), but that particular vulnerability was fixed a day before that report came out: https://wordpress.org/plugins/wp-file-manager/#developers