Malicious files | ww.wp.xz.cn

Resolved catwingz
(@catwingz)

7 months, 3 weeks ago

On the recommendation of WordPress’ Site Health I have installed this plugin on multiple websites. Repeatedly I have been receiving alerts from Wordfence identifying malicious files in the Docket Cache directory. I am about to remove it from all of these websites unless you can convince me that you are addressing the vulnerabilities of your plugin.

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author Nawawi Jamili
(@nawawijamili)

7 months, 3 weeks ago

Hello there,

I believe this is a false positive, as the issue has already been patched. For further confirmation, please contact Wordfence.

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/docket-cache

Thanks.

Thread Starter catwingz
(@catwingz)

7 months, 3 weeks ago

The thing is it is a chronic problem. Every month or so it’s back on the list with files with porn, drugs and other things in the file names within that plugin directory. Those file names are not “false positives.”

Thread Starter catwingz
(@catwingz)

7 months, 3 weeks ago

https://ibb.co/NdckvXbS

https://ibb.co/Z18FBpV9

https://ibb.co/KjJCGTm6

3 different websites on three different hosts in two days. These are just the latest. Your plugin is a problem.

Plugin Author Nawawi Jamili
(@nawawijamili)

7 months, 3 weeks ago

Hi there,

The file mentioned is not from Docket Cache.

please deactivate and uninstall Docket Cache, and remove wp-content/cache/docket-cache manually.

Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Malicious files’ is closed to new replies.

Tags

5 replies
2 participants
Last reply from: Nawawi Jamili
Last activity: 7 months, 3 weeks ago
Status: resolved