Disable comment plugin injects potentially harmful script from CloudFront?

  • Resolved sarangsss29

    (@sarangsss29)


    9 months, 4 weeks ago

    This plugin injects a weird (potentially harmful) script from CloudFront

    Something like this:

    <script data-cfasync="false" src="//d2hdyssxn6lpj2.cloudfront.net/?sydhd=1176969" defer>

    Not sure what this is for. And not sure why it needs to connect to a shady sub-domain. Inserts into the font end of the site.

    Chrome dev console:

    Disabling the plugin removes the script.

    What’s this for?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Amin

    (@amin7)

    9 months, 4 weeks ago

    Hi @sarangsss29

    Greetings!

    Sorry to hear about your experience. But, our dev team and security team have checked the scenario on our end, but, we could not find any harmful script/ file in our plugin. But, for your site there could be a chance some how it was infected, and as per our dev team suggestion, kindly completely remove the plugin from your server, and reinstall the plugin from WordPress repository.

    Let us know the status.

    Thanks

    Amin

    (@amin7)

    9 months, 3 weeks ago

    Hi @sarangsss29

    Greetings!

    We have not heard from you since our last reply. The issue should not be available after a new installation of plugin. I am resolving the topic.

    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Disable comment plugin injects potentially harmful script from CloudFront?’ is closed to new replies.