Security Issue – GeoDirectory sending out large quantities of emails

This topic contains 7 replies, has 4 voices, and was last updated by Stiofan O’Connor 6 years, 6 months ago.

We have moved to a support ticketing system and our forums are now closed.

    #404324

    Chris Schneider
    Free User
    Post count: 6

    So I just got this message from WP Engine’s Support Team. For those that are unaware, they monitor security and performance, etc.

    Hello from the WP Engine Support team!

    I’m reaching out concerning your install [name], which has been detected as sending out a large amount of emails through our default email services.

    It appears there is what looks to be a recent, unreported exploit with the geodirectory plugin causing this, as it even occurs with the latest version, 1.6.24.

    We would recommend you disable this plugin for now and reach out to the plugin developer on this.

    It looks like it’s the “Your friend thought you might be interested in…” emails if that helps. I can provide more details through private messages if you prefer.

    This plugin populates one of the most popular pages on my site. I really don’t want to disable this plugin because my client will be super angry.

    Any help or guidance would be greatly appreciated.

    #404362

    Stiofan O’Connor
    Site Admin
    Post count: 22956

    Hi Chris,

    That feature allows users to send emails to their friends; it can be disabled, or the reCAPTCHA addon can be used to protect it from bots.

    If you can install a “log emails” plugin, we can check if it’s a bot or maybe an actual spammer.

    Please also provide wp-admin details and I’ll take a look.

    Thanks,

    Stiofan

    #404364

    Chris Schneider
    Free User
    Post count: 6
    This reply has been marked as private.
    #404365

    Paolo
    Site Admin
    Post count: 31206

    Hi,

    You can use any fake email address; there is no need to use a real email address for a support admin.

    Thanks

    #404382

    Chris Schneider
    Free User
    Post count: 6
    This reply has been marked as private.
    #404472

    Stiofan O’Connor
    Site Admin
    Post count: 22956

    Thanks for the info. I have made some changes to the plugin to prevent bots and add more validation. I also installed an email log program; it caught one email before I made the changes, so it will be interesting to see if there are any more now.
    Let me know if you have any more problems.

    Thanks,

    Stiofan

    #405418

    BL Interactive
    Expired Member
    Post count: 83

    I am having the same issue. What is the fix?

    Can the share script be completely disabled?

    #405420

    Stiofan O’Connor
    Site Admin
    Post count: 22956