App Is Hacked. Did you Know?
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday. If you have problems with registration ask help on contact us page pleaseIf you not got email within 24~36 business hours, firstly check your spam box, and if no any email from the support there - back to the forum and read answer here. DO NOT ANSWER ON EMAILS [noreply@pluginus.net] FROM THE FORUM!! Emails are just for your info, all answers should be published only here.
The support doesn work on Saturdays and Sundays, so some Friday requests can be answered on Monday.
Your app is hacked and is displaying clothing on numerous client sites. You added a patch or a fix this morning I noticed and then immediately pulled that one too. I'm confused as to what you're doing. LOL
Hello
I not understand you, what do you mean when talking about plugin hacking?
So I'm not sure where you're lost. You just created a changelog due to a security issue, in fact your changelog stated"security fix" and at least 1oo clients that have this app were all reporting see clothing on their search fields, despite none of these clients selling clothing. But you added a patch for security. That's just too coincidental. I find it very strange.
Have you got video from clients or smth about it? Matches are random ...
Yes, I have a loom from them from last week. This went away the other day. Although we couldn't replicate it at all until today when you replaced the repo then we personally saw the hack. There's nothing in their DB so it has to be a file coming from your CDN or something.
Let me know if you saw the private data added Pablo. Thanks
Hello
it has to be a file coming from your CDN - It's impossible! The plugin is regularly tested. Our latest update is just adding text cleanup to remove potential hacking.
Do your customers use turbo mode or quick search(extensions)? Because it looks like just test data in a search file - https://share.pluginus.net/image/i20220810101901.png
Re-create search file for turbo mode and quick search(If you use it) and do a test
Nothing's impossible. As a security expert for over 35 years I can't even say I've seen it all because everyday I see something new.
This site isn't served from any CDN and wasn't even using any caching software either ah the time.
As for what the client uses, Turbo not Turbo I have no idea. I don't get into what they're doing with all these apps. I hate apps.
I custom code everything as I did here after I ripped your app out I wrote a simple script that does exactly what your app does, but without the bloat or slow down.
I just find it insanely odd that just the other day you guys release an update with"security fix" in the changelog and the client's site showing what appears to be your app being hacked, not their site or database, but your app. One of your files perhaps from your own CDN? Are any of them pulling from a CDN?
Just too coincidental Pablo
Hello Stef
All js scripts are on WOOF zip, and you can see them in the code searching by text (or regexp) '.js': https://share.pluginus.net/image/i20220811111208.png - no one external scripts using, as we not trust external sources
In fix added code added code $pagepath = realpath($pagepath); into files https://share.pluginus.net/image/i20220809135406.png and this fix related to the server part of WOOF code.
I just looked the video, and we are talking about WOOF ext Husky, and that products looks like from turbo mode data cache, try please reassemble products data https://share.pluginus.net/image/i20220811112147.png
Thanks. We'll check this on our end. But I believe we already went ahead and rebuilt it earlier today. The app is back on the site and running properly. Fingers crossed. I'll review what you sent and confirm later if it's indeed what we already did. Thanks
Now that I'm awake, yes, this is what we did already. Thanks
Welcome and thank You for cooperation :)