[wp-trac] [WordPress Trac] #41414: Display Widgets Plugin Is A Trojan Horse
WordPress Trac
noreply at wordpress.org
Sun Jul 23 23:18:46 UTC 2017
#41414: Display Widgets Plugin Is A Trojan Horse
--------------------------+-----------------------------
Reporter: calvin_ngan | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Widgets | Version: 4.8
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
This plusgin
https://wordpress.org/plugins/display-widgets/
creates undetectedable pages with spammy links.
I believe the code can be found in their geolocation.php
https://www.google.com/search?q=geckoandfly.com+payday&ie=utf-8&oe=utf-8&client=firefox-b
I've removed the secret page, but after going thru my MySQL, i found a few
codes that related back to the said plugin. things like
__3371_last_checked_3771__ and displaywidgets_ids, all created by the
plugin and inserted in wp-options.
the article and pages cannot be search via post/page, only can be found in
wp-options.
ever since it was sold to the new owner, it comes with many funny codes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41414>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list