Home › Forums › Support Forum › WP Site Guardian warnings
Tagged: WP Site Guardian
This topic contains 2 replies, has 2 voices, and was last updated by 
-
AuthorPosts
-
March 1, 2016 at 2:55 am #1459
This morning 3 of my sites received the exact same “possible security threat” warnings from my WP Site Guardian security plugin. GOTMLS.NET scans come up clean and any potential threats are clean. Can you help me understand this threat warning and why malware scans don’t show anything please?
Normal
0false
false
falseEN-US
X-NONE
X-NONE/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:”";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;}Time: 2016-03-01 06:51:09
URL: http://alconmedia.com/index.php?liu=qt&fukq=t&RNv=f**********************************************
Parameter: POST.sz
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.#07
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.07
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.#173
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.173
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.#25
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.25
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.#21
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.21
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.lyf520
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.fuckyou4321
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.TExaL
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File Inclusion**********************************************
Parameter: POST.w
Data: echo (123454320+1);exit();
Impact: 7/91
Potential Vectors: Cross Site Scripting, Cross Site Request Forgery, Remote File Execution, Local File InclusionMarch 1, 2016 at 3:24 am #1460I should note that the 3 warnings are coming from 3 different IPs.
March 6, 2016 at 7:24 am #1473I don’t know anything about WP Site Guardian but it looks like some kind of firewall that has detected an external attack in real time. This does not mean that your site is infected again, only that someone may have been trying to hack you. If you want more info on this you should contact the WP Site Guardian developers.
-
AuthorPosts
You must be logged in to reply to this topic.
