Support

Home Forums Event Espresso Premium Serious Issue – spammed / hacked / ??

Serious Issue – spammed / hacked / ??

Posted: June 22, 2013 at 8:54 pm


amr

June 22, 2013 at 8:54 pm

Been receiving alerts that users are having a hard time registering on one of my client’s sites.  I checked it out and on the 2nd screen of registration (confirmation) all the previously submitted info is suddenly replaced with spam.  Doesn’t matter what’s email address is used, all the info gets replaced.  What is going on?  Site scan with sucuri comes up clean, no files have been tampered with.  Is there a security issue somewhere?


amr

June 22, 2013 at 9:06 pm

Follow up with additional info…

I can see the spam data stored in the wp_events_answer table


Dean

June 24, 2013 at 4:25 am

Hello,

At this time we are not aware of any security breaches in the plugin. We take all reports of potential security breaches seriously.

Do you have any further information that can confirm this is related to Event Espresso? If so please use this form to send in details https://eventespresso.com/report-a-security-vulnerability/

Have you also checked other plugins, themes, passwords etc? Whilst it has targeted one of our tables it does not always mean it came from a loophole in our software.

With WordPress being one of the most popular open source software, there is always a risk of attacks – https://eventespresso.com/2013/04/important-news-hackers-target-wordpress-sites/

Please also see here for important information – http://codex.wordpress.org/FAQ_My_site_was_hacked

The support post ‘Serious Issue – spammed / hacked / ??’ is closed to new replies.

Have a question about this support post? Create a new support post in our support forums and include a link to this existing support post so we can help you.

Event Espresso