Title: Obfuscated / Remote Code Last modified: May 25, 2022 --- # Obfuscated / Remote Code * [wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) * (@wpissuesreports) * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/) * This plugin is in violation of the WordPress.org plugin guidelines. * It is using either obfuscated or remote code to spam the admin with advertisements on every page. * It needs to be corrected or removed from the repository. Viewing 8 replies - 1 through 8 (of 8 total) * Plugin Author [chriscct7](https://wordpress.org/support/users/chriscct7/) * (@chriscct7) * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678637) * Hi there, Our plugin is in compliance with all WordPress.org guidelines. As one of the most installed WordPress plugins globally, we are audited regularly for compliance and security. * -Chris * Thread Starter [wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) * (@wpissuesreports) * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678652) * Looks like one of your updates did not remove the wordpress-seo (illegal name) directory when you changed the plugin slug. Since the plugin code has been in that directory slug for over 10 years, I just assumed it was still there. (And the new spam code was of course not there) * I have discovered that Yoast SEO now resides in a directory called google-analytics- for-wordpress (also an illegal name, though it is clear the rules only apply to some developers). * I was able to find your spam code and remove it. * I suggest you cleanup your old slug folders before a vulnerability is found in the code that was left behind. * Seems that audit has missed a few things. * Thread Starter [wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) * (@wpissuesreports) * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678668) * Note the wordpress-seo plugin slug directory that you left behind breaks the WordPress Site Health Check. (presumably because two plugins are trying to be the same plugin) Now that I have identified your leftover directory with a plugin of the same name in a different slug, my Site Health Check works again. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678754) * > So finally, with the modbot successfully avoided. * [@wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) I would not worry about that. I flagged your account for moderation and all of your topics, replies and reviews will hit the moderation queue and need to be manually approved by a moderator. * Here’s why: you are being abusive. If you want to leave a review then do so. You did. Then you tried to reply to the developer and “work” the forums. * You also set off the spam filter with your posting and made it worse by actively working to a) repost the same thing and b) somehow trick the queue into not flagging your replies. It kind of worked to a point, half of your weird gaming the system replies did get caught in the queue. * I just archived the other half. You were repeating yourself badly. Try not to game the forums next please. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678769) * Back to your claim: * > I was able to find your spam code and remove it. * If you have tangible and real details then send that to `plugins[at]wordpress. org` Although it genuinely sounds like your site was hacked and you are blaming this plugin. * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678830) * [@wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) You are not shadow-banned, you are being flagged for moderation following your behavior. * If you feel you have a legitimate complaint about this plugin, please contact` plugins@wordpress.org` * However since your last reply involved you saying “Fuck WordPress.org is pathetic. You people are useless.” your account will remain on moderation. If you cannot have a civil conversation, you will not be permitted to use our forums. * For the record, the url `wordpress-seo` is permitted because it literally **cannot** be edited. The same goes for `google-analytics-for-wordpress`. If we could change them, we would. It would spare us all a lot of headaches and misundertsanding. * And while you may hate the meta-box that recommends you pay for a pro version, it is not actually a violation at this time, since it’s not persistent (meaning it’s not displayed 100% of the time, only when you’re editing posts where it might be available) nor is it intrusive (you can minimize the meta-box). Is it annoying? Yeah, and I don’t personally like it either, but it doesn’t prevent me from doing anything. * Thread Starter [wpissuesreports](https://wordpress.org/support/users/wpissuesreports/) * (@wpissuesreports) * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678850) * You are deleting every comment. You got sworn at because you are being unreasonable and irrational. * The plugin was spamming users with Pro ads on every back end admin page. My site was not hacked. * Jan Dembowski is being abusive. He is also hiding information. * I just fixed their plugin for them. Next time I won’t tell them what they did wrong. Ther plugin can stay broken. * Those two slugs are not allowed. A slug cannot contain the word wordpress or the name of another product. Both are in violation. * Yes, I am aware that wordpress-seo was grandfathered before this rule was implemented. * So go ahead, keep trying to make me look bad, and you can do it, because you can delete everything I say and then quote it out of context. * You fool no one. Get over yourselves. * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678919) * We are allowing your final comment to stand as an example to others. * This is _not_ how someone has a civil disagreement. * > The plugin was spamming users with Pro ads on every back end admin page. My > site was not hacked. * It’s not spamming. It’s a single promotion in a meta-box on posts/pages you edit. * I understand why you feel it’s spam, but at this time it is not considered a reason to remove or even warn a plugin concerning the use. If that changes, we will post on make/plugins so everyone knows. * > Those two slugs are not allowed. A slug cannot contain the word wordpress or > the name of another product. Both are in violation. * And, as we said, we have retroactively allowed both in as we have no way to change their permalinks without breaking the plugin for the users. If either trademark owner (WordPress or Google) rescinds the permission we have to allow those, we would be forced to close them. Thankfully they recognize the negative impact on the community and have not done so. * I am setting your account to suspended, which prohibits you from using the forums, submitting plugins/themes, or participating in conversations in trac. * Do not make a new account. It’s very clear you’ve allowed your anger to consume you and refuse to hear any explanations or opinions other than your own. * We (collectively) wish you the best of luck in your future endeavors. * PS: Your claim here: * > Looks like one of your updates did not remove the wordpress-seo (illegal name) > directory when you changed the plugin slug. * is due to a misunderstanding on your part. This plugin did not, and cannot, change it’s slug. So if there was a wordpress-seo folder on your site, someone installed it. If it was inside MonsterInsights, then Jan is right and you were likely hacked. - This reply was modified 4 years ago by [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/). Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Obfuscated / Remote Code’ is closed to new replies. * ![](https://ps.w.org/google-analytics-for-wordpress/assets/icon.svg?rev=2976619) * [MonsterInsights - Google Analytics Dashboard for WordPress (Website Stats Made Easy)](https://wordpress.org/plugins/google-analytics-for-wordpress/) * [Frequently Asked Questions](https://wordpress.org/plugins/google-analytics-for-wordpress/#faq) * [Support Threads](https://wordpress.org/support/plugin/google-analytics-for-wordpress/) * [Active Topics](https://wordpress.org/support/plugin/google-analytics-for-wordpress/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/google-analytics-for-wordpress/unresolved/) * [Reviews](https://wordpress.org/support/plugin/google-analytics-for-wordpress/reviews/) * 8 replies * 4 participants * Last reply from: [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * Last activity: [4 years ago](https://wordpress.org/support/topic/obfuscated-remote-code/#post-15678919)