The developer has discovered that someone has used a hole to sneak files into your WordPress installation.
Being the responsible developer that he is, he immediately hits the big alarm button.
Most likely nothing has happened, but let Wordfence or a similar security plugin run a scan and check whether any warnings come up about suspicious files in the PowerPack folder. Then update the plugin to version 2.7.1. Apparently only the Pro version is affected, not the free version, but do make sure to update all plugins, the theme and WordPress while you are at it.
The message from the developer…
Important security update for PowerPack users. A few users recently reported some issues with a malicious index.php file in /wp-content/uploads/bbpowerpack/ directory. The file was flagged by security plugins like Wordfence and MalCare.
First, let’s take preventive measures:
- Scan your site with a security plugin like Wordfence, MalCare, Sucuri, etc.
- If you receive any warnings for .php files in /wp-content/uploads/bbpowerpack directory, delete the file(s).
- Update PowerPack to the latest version 2.7.1
Details about the issue:
As mentioned above, some sites were recently flagged by malware scanners. The file and the path were common in all cases.
So, how did this happen? Is it our fault?
When you activate PowerPack on a site, it creates a “bbpowerpack” directory inside /wp-content/uploads directory. By default, this directory doesn’t contain any .php files. It contains an index.html file and the directory is used to store the template files downloaded from our AWS S3 (Amazon Web Services – Simple Storage Service) Template library.
When we got notified of the security issue, we started looking at the server logs of all such sites but couldn’t track down the source of the file. We aren’t 100% sure if it was created via PowerPack or some other exploit. We couldn’t find a clear pattern which led to the infected files in the “/uploads/bbpowerpack” directory but, the directory path was definitely something in common.
How did we fix it?
We understand that security issues can lead to several problems and are a nightmare for all of us. PowerPack currently powers more than 100k websites, it’s a huge responsibility to take care of all the sites and customers.
We reached out to some security experts and based on their recommendation, we started reviewing the entire code base for PowerPack line-by-line.
We take all the issues reported by our users seriously and act upon them at the earliest. Security is our utmost priority and we have made several improvements to PowerPack’s codebase as preventive measures to avoid any backdoors.
Again, what should you do?
If you have received any warnings from security plugins about a malicious index.php file in /wp-content/uploads/bbpowerpack/ directory, please delete it immediately and update PowerPack to 2.7.1.
We stand by our products and are always here to help you in the best possible ways. Be it a functionality bug or a security issue, we take everything seriously and pay equal attention to all the matters.
We are hopeful that the latest update will improve the security further and prevent any such backdoors.
That’s all for now!
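The check the advisory describes can also be run by hand from a shell on the server. The script below is an added example, not code from PowerPack or from the original post: it lists PHP files under /wp-content/uploads/bbpowerpack, a directory that by default holds only index.html and downloaded template files. The function name and the extra extensions beyond .php are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report PHP files in the PowerPack uploads directory.
# The advisory says this directory contains no .php files by default,
# so every hit deserves a look before it is deleted.
#
# Usage: sh check_bbpowerpack.sh /path/to/wordpress
# Return codes: 0 = nothing found, 1 = PHP files found, 2 = directory missing.

check_bbpowerpack() {
    wp_root=$1
    dir="$wp_root/wp-content/uploads/bbpowerpack"

    if [ ! -d "$dir" ]; then
        echo "no bbpowerpack directory under $wp_root" >&2
        return 2
    fi

    # Case-insensitive match, so INDEX.PHP is caught as well.
    # .phtml, .php5-style and .phar are an assumption of this example;
    # the advisory itself only mentions .php files.
    hits=$(find "$dir" -type f \( \
              -iname '*.php' -o -iname '*.phtml' \
           -o -iname '*.php[0-9]' -o -iname '*.phar' \) -print | sort)

    if [ -z "$hits" ]; then
        return 0
    fi

    # One path per line; nothing is deleted automatically.
    printf '%s\n' "$hits"
    return 1
}

# Run only when a WordPress root is given on the command line.
[ "$#" -eq 0 ] || check_bbpowerpack "$1"
```

The script only reports; review each listed file, delete it as the advisory says, and then update PowerPack to 2.7.1.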
I am happy to help archives and local history associations renew their website, or build a new, modern website tailored to exactly your needs, so that you can concentrate on writing the good stories without all the technical matters that come with a website.
Courses in WordPress and Facebook can be booked via Danskearkiver.dk