Schwachstelle in Plugin

Hallo zusammen, mit dem Plugin wurde ein Hacker-Angriff durchgeführt, siehe Logfile: x.x.x.x - - [01/Jan/1970:08:48:04 +0200] "GET /xxx/wp-login.php?action=register HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:06 +0200] "POST /xxx/wp-admin/admin-post.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:08 +0200] "POST /xxx/wp-admin/admin-post.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:10 +0200] "GET /xxx/wp-login.php?action=register HTTP/1.1" 200 4393 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:10 +0200] "POST /xxx/wp-login.php?action=register HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:22 +0200] "GET /xxx/wp-login.php?checkemail=registered HTTP/1.1" 200 4740 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:29 +0200] "GET /xxx/wp-login.php?action=rp&key=jeVdPaWXw8ZdlMz5g0an&login=violet1939 HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:31 +0200] "GET /xxx/wp-login.php?action=rp HTTP/1.1" 200 7358 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:32 +0200] "POST /xxx/wp-login.php?action=resetpass HTTP/1.1" 200 1916 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:41 +0200] "POST /xxx/wp-admin/admin-post.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:42 +0200] "POST /xxx/wp-admin/admin-post.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:44 +0200] "POST /xxx/wp-login.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:52 +0200] "GET /xxx/wp-admin/ HTTP/1.1" 200 138811 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:56 +0200] "GET /xxx/wp-admin/plugin-editor.php HTTP/1.1" 200 207999 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:58 +0200] "GET /xxx/wp-admin/plugin-editor.php?plugin=bst-dsgvo-cookie/bst.php HTTP/1.1" 200 139312 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:48:59 +0200] "GET /xxx/wp-admin/plugin-editor.php?plugin=bst-dsgvo-cookie/bst.php&file=bst-dsgvo-cookie/includes/enqueue.php HTTP/1.1" 200 128570 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" x.x.x.x - - [01/Jan/1970:08:49:01 +0200] "GET /xxx/wp-admin/plugin-editor.php?plugin=bst-dsgvo-cookie/bst.php&file=bst-dsgvo-cookie/includes/enqueue.php HTTP/1.1" 200 128570 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" Bei einem anderen Plugin gab es im November 2018 ein ähnliches Problem. Vielleicht wird die gleiche Schwachstelle ausgenutzt, siehe Link: VG Loewenherz This topic was modified 7 years, 1 month ago by loewenherz76 . This topic was modified 7 years, 1 month ago by loewenherz76 . This topic was modified 7 years, 1 month ago by loewenherz76 . This topic was modified 7 years, 1 month ago by Jan Dembowski . The page I need help with: [ log in to see the link] Danke für den Hinweis! Werde das plugin sofort deinstallieren. Gibt mir beim update auch Fehlermeldung raus: Missing archive file ‘/tmp/bst-dsgvo-cookie-wsaQFX.tmp’ BG guckmada