Celebrating 5 Years! Get 25% off GP Premium with the discount code: CELEBRATING5

[Resolved] Security Warning on GP Premium Version: 1.7.5

Home Forums Support Security Warning on GP Premium Version: 1.7.5

This topic contains 9 replies, has 3 voices, and was last updated by  Tom 5 months, 2 weeks ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
  • #749661


    Hey Guys,

    I’m getting a couple security warnings via ValutPress on the GP Premium plugin. The odd thing is I have GP Premium on another site being protected by VaultPress and I haven’t seen this warning on that site yet. Just wanted to make sure there isn’t something fishy going on here. Let me know if you need any additional information.

    Screenshots – https://imgur.com/a/8mtYSyY


    GeneratePress 2.2.1
    GP Premium 1.7.5

    David Customer Support

    Hi there,

    i think the fact it is not reporting the warning on the other Site says that something has happened to that installation. Check any recent changes you have made like adding new plugins.



    The odd thing is that those warnings are coming from within GP Premium. Could a plugin modify GP Premium?


    David Customer Support

    Possible if there is some malicious code in the plugin. Or it allowed malicious code to be injected.

    i’ll get Tom to take a look



    Got it. I’ll do some testing and see. I’ll also try reinstalling GP Premium.


    David Customer Support

    I have passed on to Tom as well so he can take a look.



    I’m fairly certain it’s been inserted via a malicious plugin. The only thing different from this site and the other one running the same setup is some of the plugins this client is using. Thanks for looking into it and passing it on.


    Tom Lead Developer

    Yes, that looks like a typical hack. You’ll want to:

    1. Delete the plugin (and any other infected plugin), and upload a fresh copy.
    2. Change all passwords (WP, hosting, FTP etc..)
    3. Make sure everything is up to date.
    4. Make sure none of your plugins are super old/haven’t been updated in years.

    It could also be hosting if you’re on shared hosting. One of the issues with shared hosting is someone else on your server could be hacked, which can give hackers a way into your site as well.



    Thanks Tom. Yeah that’s what I suspected. I’m in touch with VaultPress and they are going to help me make sure I’m protected again. This was a transfer from another hosting provider so there were likely vulnerabilities that I never have to deal with on sites that I produce brand new. I appreciate you guys looking into it and the detailed response!


    Tom Lead Developer
Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.