[Plugin: WP Featured Post with thumbnail] Malicious copied plugin | ww.wp.xz.cn

TheDudeAbides
(@thedudeabides)

14 years, 9 months ago

I am posting this here to bring this to the attention of the wordpress support team. I’ve already sent an email. This plugin needs to be removed ASAP

This plugin:
a) is a cut and paste copy of http://ww.wp.xz.cn/extend/plugins/featured-post-with-thumbnail/ with no reference to that effect.
b) contains an encrypted(unescaped) analytics code that tracks users sites, something I understand is against the terms as I’ve seen other plugins removed for even sending the site and plugin version numbers.
c) contains an additional 140k file with 3000 lines of code that references everything from proxies, setting cookies, iframes, a full FTP system, inserting additional javascsript etc. If that doesn’t raise a million red flags I don’t know what does.
d) users are complaning their sites have been hacked as a result and malicious code inserted http://ww.wp.xz.cn/support/topic/plugin-wp-featured-post-with-thumbnail-ripp-off?replies=5 that directs traffic back to the authors website.

Please take care of it.

http://ww.wp.xz.cn/extend/plugins/wp-featured-post-with-thumbnail/

The topic ‘[Plugin: WP Featured Post with thumbnail] Malicious copied plugin’ is closed to new replies.

0 replies
1 participant
Last reply from: TheDudeAbides
Last activity: 14 years, 9 months ago
Status: not resolved