This topic contains 9 replies, has 3 voices, and was last updated by Tom 2 months, 2 weeks ago.
December 6, 2018 at 6:43 am #749661
I’m getting a couple security warnings via ValutPress on the GP Premium plugin. The odd thing is I have GP Premium on another site being protected by VaultPress and I haven’t seen this warning on that site yet. Just wanted to make sure there isn’t something fishy going on here. Let me know if you need any additional information.
Screenshots – https://imgur.com/a/8mtYSyY
ThanksGeneratePress 2.2.1GP Premium 1.7.5December 6, 2018 at 7:15 am #749785
David Customer Support
i think the fact it is not reporting the warning on the other Site says that something has happened to that installation. Check any recent changes you have made like adding new plugins.December 6, 2018 at 7:24 am #749792
The odd thing is that those warnings are coming from within GP Premium. Could a plugin modify GP Premium?December 6, 2018 at 7:50 am #749814
David Customer SupportDecember 6, 2018 at 7:50 am #749815
Got it. I’ll do some testing and see. I’ll also try reinstalling GP Premium.December 6, 2018 at 7:51 am #749817
David Customer SupportDecember 6, 2018 at 7:57 am #749821
I’m fairly certain it’s been inserted via a malicious plugin. The only thing different from this site and the other one running the same setup is some of the plugins this client is using. Thanks for looking into it and passing it on.December 6, 2018 at 9:19 am #749879
Tom Lead Developer
Yes, that looks like a typical hack. You’ll want to:
1. Delete the plugin (and any other infected plugin), and upload a fresh copy.
2. Change all passwords (WP, hosting, FTP etc..)
3. Make sure everything is up to date.
4. Make sure none of your plugins are super old/haven’t been updated in years.
It could also be hosting if you’re on shared hosting. One of the issues with shared hosting is someone else on your server could be hacked, which can give hackers a way into your site as well.December 6, 2018 at 9:48 am #749912
Thanks Tom. Yeah that’s what I suspected. I’m in touch with VaultPress and they are going to help me make sure I’m protected again. This was a transfer from another hosting provider so there were likely vulnerabilities that I never have to deal with on sites that I produce brand new. I appreciate you guys looking into it and the detailed response!December 6, 2018 at 10:31 am #749943
You must be logged in to reply to this topic.