Security Issue | Report Bugs | Forum Archive

The free forums are no longer in use. It remains available as read-only archive.

Avatar
Lost password?
Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters – maximum search word length is 84 characters
The forums are currently locked and only available for read only access
sp_TopicIcon
Security Issue
February 26, 2014
4:32 am
Avatar
Chris
New Member
Members
Forum Posts: 1
Member Since:
February 25, 2014
sp_UserOfflineSmall Offline

I just recieved the following notice from my web host for two of my sites where I have the xcloner plugin installed. You may want to do a security audit on this:

 

It's come to our attention that your (gs) Grid-Service has been compromised and is hosting malicious files. These files are being used to relay spam and attack other servers on the Internet. This degrades your service, as well as the service of others, and is a large consumer of resources overall. While the plugin developer has not yet confirmed the presence of a vulnerability, we have noticed malicious scans targeting the 'xcloner-backup-and-restore' plugin installed at the following path:

/wp-content/plugins/xcloner-backup-and-restore/

As a result of the malicious scans, we found malicious files created on your (gs) Grid-Service through the requests made to the aforementioned plugin:

/wp-content/plugins/xcloner-backup-and-restore/language/it1bzz.php
/wp-content/plugins/xcloner-backup-and-restore/language/in8bah.php
/wp-content/plugins/xcloner-backup-and-restore/language/iha9nz.php
/wp-content/plugins/xcloner-backup-and-restore/css/a5ni84.php
/wp-content/plugins/xcloner-backup-and-restore/language/it1bzz.php
/wp-content/plugins/xcloner-backup-and-restore/language/in8bah.php
/wp-content/plugins/xcloner-backup-and-restore/language/iha9nz.php
/wp-content/plugins/xcloner-backup-and-restore/css/a5ni84.php

I have deleted your plugin folder from my sites, along with these files.

February 26, 2014
11:25 am
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

Hi Chris, we are working hard on posting an update soon to fix these attacks.

 

Regards, Ovidiu

February 26, 2014
4:10 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline
February 26, 2014
6:42 pm
Avatar
en1854
New Member
Members
Forum Posts: 1
Member Since:
September 5, 2012
sp_UserOfflineSmall Offline

After this update the Xcloner plug in does not work

 

Warning: require_once(__DIR__/cloner.config.php) [function.require-once]: failed to open stream:

 

Please advise

February 26, 2014
7:17 pm
Avatar
Ovidiu Liuta
Admin
Forum Posts: 2484
Member Since:
September 26, 2010
sp_UserOfflineSmall Offline

Please reinstall XCloner, it should work ok now!

Forum Timezone: America/Chicago
Most Users Ever Online: 867
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
mlguru: 30
Django29: 29
Andy: 21
D: 21
Marcus: 20
Jamie F: 19
Member Stats:
Guest Posters: 737
Members: 9580
Moderators: 2
Admins: 3
Forum Stats:
Groups: 3
Forums: 7
Topics: 2397
Posts: 8236
Newest Members:
Jonathan Anez
Moderators: TriP: 0, Steve Burge: 0
Administrators: Ovidiu Liuta: 2484, Victor Drover: 1, Valentin Barbu: 0