|
amr
|
June 22, 2013 at 8:54 pm
Been receiving alerts that users are having a hard time registering on one of my client’s sites. I checked it out and on the 2nd screen of registration (confirmation) all the previously submitted info is suddenly replaced with spam. Doesn’t matter what’s email address is used, all the info gets replaced. What is going on? Site scan with sucuri comes up clean, no files have been tampered with. Is there a security issue somewhere?
|
|
amr
|
June 22, 2013 at 9:06 pm
Follow up with additional info…
I can see the spam data stored in the wp_events_answer table
|
|
Dean
|
June 24, 2013 at 4:25 am
Hello,
At this time we are not aware of any security breaches in the plugin. We take all reports of potential security breaches seriously.
Do you have any further information that can confirm this is related to Event Espresso? If so please use this form to send in details https://eventespresso.com/report-a-security-vulnerability/
Have you also checked other plugins, themes, passwords etc? Whilst it has targeted one of our tables it does not always mean it came from a loophole in our software.
With WordPress being one of the most popular open source software, there is always a risk of attacks – https://eventespresso.com/2013/04/important-news-hackers-target-wordpress-sites/
Please also see here for important information – http://codex.wordpress.org/FAQ_My_site_was_hacked
|
