There is a plugin download on BHW that will get your site hacked

Discussion in 'BlackHat Lounge' started by pxoxrxn, Nov 10, 2015.

  1. pxoxrxn

    pxoxrxn Supreme Member

    Dec 21, 2011
    Likes Received:
    The 'GravityForms v1.8.9 + Forms Styler Add-on - WP Plugins' has downloads that are not safe to put on your website. I'm not sure if the code is just old and contains known vulnerabilities or if the plugin has been modified to allow hackers to put files on your websites.

    I'm guessing its just old code with known vulnerabilities. I've found suspicious PHP files in the WP directory for every website that I've used it on. They are all different hacks, from a 'hacked by' page to a script that sends emails titled "fuck you" from [email protected]

    Can admins please remove the links to these files?
    • Thanks Thanks x 1
  2. skyfallsdown

    skyfallsdown Regular Member

    Oct 31, 2010
    Likes Received:
    Never tried it myself but thank you for this info mate.