Plugin sending spam / security risk??

  • Resolved pete_richardson

    (@pete_richardson)


    11 years, 5 months ago

    Hi,

    My hosting company has taken my site offline.
    They said in their email that my WordPress site is sending spam messages and the source of the problem is this file:
    wp-content/plugins/cms-tree-page-view/images/dump.php
    (inside the CMS Tree Page view folder)

    Is the dump.php file part of the CMS tree page plugin? or has my site been hacked somehow? What does this file usually do?

    Has anyone else had a similar problem?

    This problem has happened on the same site a couple of times now, and I need to prevent it happening again.

    I searched around online and I couldn’t find anyone else who has had the same problem.

    Thanks for any advice or help on how I can fix this!
    Pete

    https://ww.wp.xz.cn/plugins/cms-tree-page-view/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Pär Thernström

    (@eskapism)

    11 years, 5 months ago

    Hi Pete,
    sorry to hear you’re having problems with spam.

    There is no file called dump.php used by my plugin. I just downloaded the installations package from ww.wp.xz.cn and I can confirm that there is no file called that anywhere.

    Another person/user/script/hacker must have added that file to your WordPress installation.

    Thread Starter pete_richardson

    (@pete_richardson)

    11 years, 5 months ago

    Hi Pär,

    Thanks for the reply, good to know it’s nothing in the plugin itself. I think my site must have been hacked and someone uploaded that file inside the directory.

    I’ve removed the file for now, reset all passwords and have installed security plugins on the site to try and prevent anyone from hacking the site again.

    Hopefully it won’t happen again.

    cheers for the help
    Pete

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Plugin sending spam / security risk??’ is closed to new replies.

Tags