|
Arwyn Jones
|
March 27, 2014 at 4:50 pm
I installed Version 4 The file contained hidden malicious scripts !!!!!
My server’s antivirus scanner found the code it included malware code so it rejected it.
I’m not happy
|
|
Brent Christensen
|
March 27, 2014 at 6:05 pm
Hi Arwyn,
I’m Event Espresso’s lead developer, and I’ve looked at your server’s antivirus report that you sent us.
Go down to about the 10th or 11th line where it says:
Referer: followed by a blue link ?
See how the blue link has your domain in it followed by:
/wp-admin/plugin-install.php?tab=upload ?
Well that means the corrupted file was uploaded to your server via the upload tab on the Plugins page in the WordPress Admin.
Event Espresso automatic updates are NOT done via the upload tab!!! The infected file that the report mentions was uploaded manually, meaning it came from the computer of the person that uploaded the file. If that was you, then it means that your computer is possibly the source of the “malicious scripts”.
As well, that report doesn’t mention anything about Event Espresso anywhere. There is not a single thing in that report to indicate that Event Espresso had anything to do with this incident.
If I were you, I would make sure that the computer that uploaded the infected files has updated antivirus and/or anti-malware programs running.
|
