Title: plugin is hacked Last modified: October 21, 2023 --- # plugin is hacked * Resolved [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 7 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/) * Take a look at [https://wordpress.org/plugin/iframe/](https://wordpress.org/plugin/iframe/) and you will see a Yarmak music YouTube video instead of whatever you are showing. This is the same as on my customer’s website for several days. Help! * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fplugin-is-hacked-2%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 9 replies - 1 through 9 (of 9 total) * Plugin Author [webvitalii](https://wordpress.org/support/users/webvitaly/) * (@webvitaly) * [2 years, 7 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17140975) * Hi [@wklauser](https://wordpress.org/support/users/wklauser/), * No, iframe plugin is not hacked. Seems like the shortcode was corrupted in the html/text editor. Try to re-type/fix the shortcode. Right now the output html looks like this and it is easy to spot the issue here: * ```wp-block-code ``` * Since the plugin cannot get the src from the corrupted params the default URL is used. * Please let me know if any additional questions. * Thread Starter [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 7 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17141364) * But why does [https://wordpress.org/plugins/iframe/](https://wordpress.org/plugins/iframe/) show the same Yarmak music video? I will visit the customer tomorrow but I do know the plugin worked properly for several days and then all of a sudden it did not. * Thread Starter [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 7 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17143164) * My customer has the following line of code in their post: [iframe width=’758′ height=’480′ src=’[https://k3d.fi?m=ewXFcT8t4Jk’](https://k3d.fi?m=ewXFcT8t4Jk’); frameborder=’0′ allow=’fullscreen’ scrolling=’no’]and yet they see the YouTube video. They updated the post, but that was of no help. * Plugin Author [webvitalii](https://wordpress.org/support/users/webvitaly/) * (@webvitaly) * [2 years, 7 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17148055) * I can see that the shortcode is working now. I will try to make it easier to work in future. * Thread Starter [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17247594) * why does [https://hotelli-isosyote.fi/en/accommodation/fell-top-cottages/](https://hotelli-isosyote.fi/en/accommodation/fell-top-cottages/) again show a Youtube music video!? * Plugin Author [webvitalii](https://wordpress.org/support/users/webvitaly/) * (@webvitaly) * [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17249260) * ```wp-block-code ``` * Hi [@wklauser](https://wordpress.org/support/users/wklauser/) The plugin is not hacked.As you can see from the inserted code the params got parsed incorectly. Try to re-type iframe params to fix your issue. * Let me know if any additional questions. * Thread Starter [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17249656) * Hi [@webvitaly](https://wordpress.org/support/users/webvitaly/), Why must my customer renter the same iframe parameters It was working perfectly until several days ago? I would rather not make him aware of this embarrassing situation. * Plugin Author [webvitalii](https://wordpress.org/support/users/webvitaly/) * (@webvitaly) * [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17260819) * Hi [@wklauser](https://wordpress.org/support/users/wklauser/), * That is a good question why it was working before and stopped now. I don’t know the answer for this one. Please let me know if you will find out the reason for that later. * Thread Starter [wklauser](https://wordpress.org/support/users/wklauser/) * (@wklauser) * [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17261004) * I made a simple edit by changing one space to two spaces and now it looks okay. That seemed to have been enough. I need to keep an eye on this post because it has already changed twice to a Youtube music video. Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘plugin is hacked’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/iframe_99a44b.svg) * [iframe](https://wordpress.org/plugins/iframe/) * [Support Threads](https://wordpress.org/support/plugin/iframe/) * [Active Topics](https://wordpress.org/support/plugin/iframe/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/iframe/unresolved/) * [Reviews](https://wordpress.org/support/plugin/iframe/reviews/) * 9 replies * 2 participants * Last reply from: [wklauser](https://wordpress.org/support/users/wklauser/) * Last activity: [2 years, 6 months ago](https://wordpress.org/support/topic/plugin-is-hacked-2/#post-17261004) * Status: resolved