Title: [Plugin: Tabbed Widgets] VIRUS!
Last modified: August 19, 2016

---

# [Plugin: Tabbed Widgets] VIRUS!

 *  Resolved [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * (@hotjoint)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/)
 * People!
 * Watch out! this plugin has a virus on it. It tryed to hack my site for like 6
   times now. Is trying to inject code on my database.!
 * Beware!

Viewing 8 replies - 1 through 8 (of 8 total)

 *  Plugin Author [Kaspars](https://wordpress.org/support/users/kasparsd/)
 * (@kasparsd)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889193)
 * **There is NO virus in this plugin**.
 * Please don’t make such claims without providing any evidence.
 *  Thread Starter [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * (@hotjoint)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889235)
 * I have the log of my server where u can find the attack. Im just warning other
   people to check this files before they upload the plugin to their servers
 *  Plugin Author [Kaspars](https://wordpress.org/support/users/kasparsd/)
 * (@kasparsd)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889241)
 * Again, could you please back up your claims?
 * Here are the files:
    [http://plugins.trac.wordpress.org/browser/tabbed-widgets/tags/1.3.1](http://plugins.trac.wordpress.org/browser/tabbed-widgets/tags/1.3.1)
 * Can you please explain in which file, which line the “virus” is?
 *  Thread Starter [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * (@hotjoint)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889246)
 * Im very sorry, you are right. I dont have to directly accuse the plugin as a 
   virus but it maybe have one or any vulnerability. This is a single entry on my
   security log:
 * [unique_id “XXXXXXXXXXXXXXXXXxx”]
    [Sat Jan 29 19:24:50 2011] [error] [client
   XXXXXXXXX] ModSecurity: Access denied with code 406 (phase 2). Pattern match “\\
   b(\\d+) ?= ?\\1\\b|[\\'”](\\w+)[\\'”] ?= ?[\\'”]\\2\\b” at REQUEST_HEADERS:Cookie.[
   file “XXXXXXXXXXXXXX”] [line “86”] [id “XXXXX”] [msg “SQL Injection Attack”] [
   data “1=1”] [severity “CRITICAL”] [tag “WEB_ATTACK/SQL_INJECTION”] [hostname “
   XXXXXXXXXXXX”] [uri “/wp-content/plugins/tabbed-widgets/css/tabbed-widgets.css”]
 * It happens with this file aswell: /wp-content/plugins/tabbed-widgets/js/jquery-
   cookie.min.js
 * I dont know if that helps.
 *  Plugin Author [Kaspars](https://wordpress.org/support/users/kasparsd/)
 * (@kasparsd)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889254)
 * The reason why you have this error is because someone (probably a bot) added “\\
   b(\\d+) ?= ?\\1\\b|[\\'”](\\w+)[\\'”] ?= ?[\\'”]\\2\\b” to the HTTP request when
   requesting tabbed-widgets.css and the mod_security thinks the server is being
   attacked.
 * This has nothing to do with Tabbed Widgets.
 * Many people have had such errors because of mis-configured mod_security apache
   module: [http://www.webhostingtalk.com/showthread.php?t=945768](http://www.webhostingtalk.com/showthread.php?t=945768)
 *  Thread Starter [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * (@hotjoint)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889264)
 * Thanx for the answer. So do you think this is a false positive?
 *  Plugin Author [Kaspars](https://wordpress.org/support/users/kasparsd/)
 * (@kasparsd)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889267)
 * Definitely, a false positive!
 *  Thread Starter [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * (@hotjoint)
 * [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889284)
 * Thanx

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘[Plugin: Tabbed Widgets] VIRUS!’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/tabbed-widgets.svg)
 * [Tabbed Widgets](https://wordpress.org/plugins/tabbed-widgets/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/tabbed-widgets/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/tabbed-widgets/)
 * [Active Topics](https://wordpress.org/support/plugin/tabbed-widgets/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/tabbed-widgets/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/tabbed-widgets/reviews/)

 * 8 replies
 * 2 participants
 * Last reply from: [HotJoint](https://wordpress.org/support/users/hotjoint/)
 * Last activity: [15 years, 4 months ago](https://wordpress.org/support/topic/plugin-tabbed-widgets-virus/#post-1889284)
 * Status: resolved