Title: [Plugin: SecurePress Website Security System] JavaScript Exploit
Last modified: August 20, 2016

---

# [Plugin: SecurePress Website Security System] JavaScript Exploit

 *  [markizano](https://wordpress.org/support/users/markizano/)
 * (@markizano)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-securepress-website-security-system-javascript-exploit/)
 * `http://blog.markizano.net/2012/07/wordpress-securepress-plugin.html`
 * There’s an exploit available in this plugin.
    I’ve detailed the recommended function
   to properly escape the data.
 * Tested and verified on SecurePress Plugin version 8.4.0.1.
 * [http://wordpress.org/extend/plugins/securepress-plugin/](http://wordpress.org/extend/plugins/securepress-plugin/)

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [lakersalex](https://wordpress.org/support/users/lakersalex/)
 * (@lakersalex)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-securepress-website-security-system-javascript-exploit/#post-3054150)
 * a site i manage got hacked and the security service i use advised me that it 
   looks like the plugin or portions of it were installed on my site.
 * > The names of the directory and filename are similar to Securelive software 
   > [http://www.securelive.net](http://www.securelive.net) . The particular directory
   > and filename is included in this plugin [http://plugins.svn.wordpress.org/securepress-plugin/tags/5.3.02/sl_admin.php](http://plugins.svn.wordpress.org/securepress-plugin/tags/5.3.02/sl_admin.php)
   > which belongs to securelive.net (securepress) which is a web application security
   > software. This seems legitimate plugin of this software.
 * The problem is I never installed that plugin!
 * What’s going on here!?
 *  [lakersalex](https://wordpress.org/support/users/lakersalex/)
 * (@lakersalex)
 * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-securepress-website-security-system-javascript-exploit/#post-3054159)
 * Funny you posted this right as I was discovering this connection!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘[Plugin: SecurePress Website Security System] JavaScript Exploit’ is 
closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/securepress-plugin.svg)
 * [SecurePress Website Security System](https://wordpress.org/plugins/securepress-plugin/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/securepress-plugin/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/securepress-plugin/)
 * [Active Topics](https://wordpress.org/support/plugin/securepress-plugin/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/securepress-plugin/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/securepress-plugin/reviews/)

## Tags

 * [exploit](https://wordpress.org/support/topic-tag/exploit/)
 * [vulnerable](https://wordpress.org/support/topic-tag/vulnerable/)

 * 2 replies
 * 2 participants
 * Last reply from: [lakersalex](https://wordpress.org/support/users/lakersalex/)
 * Last activity: [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-securepress-website-security-system-javascript-exploit/#post-3054159)
 * Status: not resolved