Title: This plugin contains malware Last modified: May 2, 2018 --- # This plugin contains malware * Resolved [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/) * (@mohamedbasheerkp) * [8 years, 1 month ago](https://wordpress.org/support/topic/this-plugin-contains-malware/) * My website just slowed down and started to open spam links when clicking any part of website. I removed the plugin now. Installed from the WordPress repo. Where do this thing come from: * From Ithemes security plugin: * Malware found in the URL Infected URL: [https://MyWebsite.com/404javascript.js](https://MyWebsite.com/404javascript.js) Type: *Known javascript malware Documentation: [http://labs.sucuri.net/db/malware/rogueads.unwanted_ads?1](http://labs.sucuri.net/db/malware/rogueads.unwanted_ads?1) - This topic was modified 8 years, 1 month ago by [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/). - This topic was modified 8 years, 1 month ago by [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/). - This topic was modified 8 years, 1 month ago by [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/). Viewing 6 replies - 1 through 6 (of 6 total) * [te_taipo](https://wordpress.org/support/users/te_taipo/) * (@te_taipo) * [8 years, 1 month ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10267950) * With any plugin, search online first to see if it has vulnerabilities that have been reported. If so, check to see if those issues were fixed before installing. WooCommerce is very insecure. * [dav74](https://wordpress.org/support/users/dav74/) * (@dav74) * [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10282993) * Hi [@mohamedbasheerkp](https://wordpress.org/support/users/mohamedbasheerkp/) * Did you get to the bottom of this vulnerability with the “WooCommerce Waitlist” plugin? I too use this plugin and a bit worried about your comments. Did you find an alternative to this plugin? * Thread Starter [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/) * (@mohamedbasheerkp) * [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10283198) * No. I’ve uninstalled it after detecting it. I don’t know it’s source. * [https://wordpress.org/plugins/atum-stock-manager-for-woocommerce/](https://wordpress.org/plugins/atum-stock-manager-for-woocommerce/) This plugin also had the malware. * I’ve installed GOTMLS ([https://wordpress.org/plugins/gotmls/](https://wordpress.org/plugins/gotmls/)) and removed affected files. Don’t know the source of the malware. It just pumped by CPU and RAM usage to rocket high. Luckily I was on a VPS. If you are on shared hosting, your account will be banned by hosting providers. * Plugin Author [xootix](https://wordpress.org/support/users/xootix/) * (@xootix) * [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10284840) * Neither of the above plugins he mentioned has malware. One should be wise enough to judge by the reviews & active installations. Wordpress is a open community, anyone can post anything & we cannot respond every time to such idiotic claims - This reply was modified 8 years ago by [xootix](https://wordpress.org/support/users/xootix/). * Thread Starter [Basheer](https://wordpress.org/support/users/mohamedbasheerkp/) * (@mohamedbasheerkp) * [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10284882) * What about the detected files in the plugin directories? Yes, I’ve installed seeing this reviews and active installation. I was happy with functionality also( Except it showed two waitlist links at the product page). * Either you are trying to make money by exploiting the users (It showed ads and even the clicks redirected to other ad websites) or your plugin has been targetted by others. I don’t know and that you need to check. * If you are a serious plugin author, the arrogance may not help you in the long run. * [te_taipo](https://wordpress.org/support/users/te_taipo/) * (@te_taipo) * [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10285479) * [@xootix](https://wordpress.org/support/users/xootix/) No, Woocommerce does not have malware in it, but in the past it has had security issues that would allow an attacker to install malware though right? Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘This plugin contains malware’ is closed to new replies. * ![](https://ps.w.org/waitlist-woocommerce/assets/icon-256x256.jpg?rev=2329148) * [Waitlist Woocommerce ( Back in stock notifier )](https://wordpress.org/plugins/waitlist-woocommerce/) * [Frequently Asked Questions](https://wordpress.org/plugins/waitlist-woocommerce/#faq) * [Support Threads](https://wordpress.org/support/plugin/waitlist-woocommerce/) * [Active Topics](https://wordpress.org/support/plugin/waitlist-woocommerce/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/waitlist-woocommerce/unresolved/) * [Reviews](https://wordpress.org/support/plugin/waitlist-woocommerce/reviews/) * 6 replies * 4 participants * Last reply from: [te_taipo](https://wordpress.org/support/users/te_taipo/) * Last activity: [8 years ago](https://wordpress.org/support/topic/this-plugin-contains-malware/#post-10285479) * Status: resolved