Title: Plugin malware files crashed admin page access Last modified: November 10, 2018 --- # Plugin malware files crashed admin page access * [underthecover](https://wordpress.org/support/users/underthecover/) * (@underthecover) * [7 years, 7 months ago](https://wordpress.org/support/topic/plugin-malware-files-crashed-admin-page-access/) * Hi, * Yesterday we had a serious malware threat to our website caused by several files located inside: /plugins/wp-mail-smtp/vendor/ * The infected files made it impossible to login to our wp-admin page, as it would automatically redirect to the following website: [http://erealitatea.net/wp-login.php?redirect_to=http%3A%2F%2Fwww.mywebsite.pt%2Fwp-admin%2F&reauth=1](http://erealitatea.net/wp-login.php?redirect_to=http%3A%2F%2Fwww.mywebsite.pt%2Fwp-admin%2F&reauth=1) * To fix this problem we had to do a major restore of the website. * This is the first time this happened and so far we’ve been really happy with the plugin performance, but due to this event we had to uninstall it. * Can you please look into this and give us some feedback so we know it’s safe to reinstall this plugin? * Thank you and kind regards, Luís Viewing 3 replies - 1 through 3 (of 3 total) * Plugin Author [Slava Abakumov](https://wordpress.org/support/users/slaffik/) * (@slaffik) * [7 years, 7 months ago](https://wordpress.org/support/topic/plugin-malware-files-crashed-admin-page-access/#post-10874667) * Hi [@underthecover](https://wordpress.org/support/users/underthecover/), * Thanks for the report. I will review once again is this possible to inject files through the WP Mail SMTP plugin. But you should be aware, that any insecure plugin will allow hackers to put any files in any place on a site, so this might not be relevant to WP Mail SMTP at all. * Is there any chance that you preserved the files that were injected in `vendor` directory? I would like to investigate them. * Thread Starter [underthecover](https://wordpress.org/support/users/underthecover/) * (@underthecover) * [7 years, 7 months ago](https://wordpress.org/support/topic/plugin-malware-files-crashed-admin-page-access/#post-10875336) * Hi [@slaffik](https://wordpress.org/support/users/slaffik/) , * Thanks for getting back to me. I completely understand, even though all my plugins are all up to date and with no signs of alarm. * I don’t have access to a laptop until next week, all I can send you now is the files names: * /home/nu1yoo3l/public_html/wp-content/plugins/wp-mail-smtp/vendor/google/apiclient- services/src/Google/Service/Gmail/Resource/cron.php /home/nu1yoo3l/public_html/ wp-content/plugins/wp-mail-smtp/vendor/monolog/monolog/src/Monolog/Formatter/ embed.php /home/nu1yoo3l/public_html/wp-content/plugins/wp-mail-smtp/vendor/monolog/ monolog/src/Monolog/Handler/json.php /home/nu1yoo3l/public_html/wp-content/plugins/ wp-mail-smtp/vendor/monolog/monolog/src/Monolog/Processor/info.php /home/nu1yoo3l/ public_html/wp-content/plugins/wp-mail-smtp/vendor/psr/log/Psr/Log/date.php * Is this helpful at all? Thanks in advance for your help and support. * Plugin Author [Slava Abakumov](https://wordpress.org/support/users/slaffik/) * (@slaffik) * [7 years, 7 months ago](https://wordpress.org/support/topic/plugin-malware-files-crashed-admin-page-access/#post-10876465) * Yes, it’s helpful, thank you for paths/filenames. Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Plugin malware files crashed admin page access’ is closed to new replies. * ![](https://ps.w.org/wp-mail-smtp/assets/icon-256x256.png?rev=1755440) * [WP Mail SMTP by WPForms - The Most Popular SMTP and Email Log Plugin](https://wordpress.org/plugins/wp-mail-smtp/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-mail-smtp/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-mail-smtp/) * [Active Topics](https://wordpress.org/support/plugin/wp-mail-smtp/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-mail-smtp/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-mail-smtp/reviews/) * 3 replies * 2 participants * Last reply from: [Slava Abakumov](https://wordpress.org/support/users/slaffik/) * Last activity: [7 years, 7 months ago](https://wordpress.org/support/topic/plugin-malware-files-crashed-admin-page-access/#post-10876465) * Status: not resolved