Title: Recent security issue Last modified: December 10, 2021 --- # Recent security issue * Resolved [nathan62223](https://wordpress.org/support/users/nathan62223/) * (@nathan62223) * [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/) * Hello, * I can’t answer on this topic : [https://wordpress.org/support/topic/recent-security-issue-2/](https://wordpress.org/support/topic/recent-security-issue-2/) and just want to add this information (maybe this can help someone). * It’s sometimes necessary to delete plugin ‘wp-striplple/wp-striplple.php’ directly in database because it’s doesn’t appear in wordpress administration. To do this, go on table ‘wp_options’, field ‘active_plugins’ and remove the plugin. Be carreful it’s can be dangerous ! * Thanks Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [Steve Burge](https://wordpress.org/support/users/stevejburge/) * (@stevejburge) * [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/#post-15151001) * Thanks for reporting this [@nathan62223](https://wordpress.org/support/users/nathan62223/) * [Kenji](https://wordpress.org/support/users/kenjitoyooka/) * (@kenjitoyooka) * [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/#post-15152017) * Hello, * I’d like to add some detail about the recent security issue. One of my sites was hacked, and it was running PublishPress Capabilities 2.3.2, which is troubling. * That said, the suspicious ‘wp-striplple/wp-striplple.php’ plug-in had NOT been installed or uploaded. (I scanned the whole DB and confirmed). So it seems like version > 2.3 does the trick there. * BUT, my general settings site URL WAS changed to ‘trainresistor.cc’, as some others have mentioned. That was causing my page to not load. I fixed it by editing my database. * So there may be two different attacks involved, or two different aspects to one. * Plugin Author [Steve Burge](https://wordpress.org/support/users/stevejburge/) * (@stevejburge) * [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/#post-15152076) * Hi [@kenjitoyooka](https://wordpress.org/support/users/kenjitoyooka/) * You may well be correct. Wordfence is reporting that these attacks on PublishPress Capabilities are part of a larger effort to hit multiple plugins and themes with options update vulnerabilities: [https://www.wordfence.com/blog/2021/12/massive-wordpress-attack-campaign/](https://www.wordfence.com/blog/2021/12/massive-wordpress-attack-campaign/) * So sites hacked through issues in those other plugins and themes may also see the “trainresistor” related impacts. * Plugin Author [Kevin Behrens](https://wordpress.org/support/users/kevinb/) * (@kevinb) * [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/#post-15152109) * [@kenjitoyooka](https://wordpress.org/support/users/kenjitoyooka/) The vulnerability is fixed in 2.3.1 and 2.3.2. Malicious code or database updates uploaded under an older Capabilities version could have a completely different name or location, and could cause a delayed effect even after updating Capabilities. The best course is to restore files and database from backup, then update Capabilities. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Recent security issue’ is closed to new replies. * ![](https://ps.w.org/capability-manager-enhanced/assets/icon-256x256.png?rev= 3408171) * [PublishPress Capabilities - User Role Editor, Access Permissions, User Capabilities, Admin Menus](https://wordpress.org/plugins/capability-manager-enhanced/) * [Frequently Asked Questions](https://wordpress.org/plugins/capability-manager-enhanced/#faq) * [Support Threads](https://wordpress.org/support/plugin/capability-manager-enhanced/) * [Active Topics](https://wordpress.org/support/plugin/capability-manager-enhanced/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/capability-manager-enhanced/unresolved/) * [Reviews](https://wordpress.org/support/plugin/capability-manager-enhanced/reviews/) * 4 replies * 4 participants * Last reply from: [Kevin Behrens](https://wordpress.org/support/users/kevinb/) * Last activity: [4 years, 6 months ago](https://wordpress.org/support/topic/recent-security-issue-3/#post-15152109) * Status: resolved