Facebook  Twitter 




+- User Information

Welcome, Guest.
Please login or register.
Forgot your password?

+- Forum Stats

Total Members: 4220
Latest: agolac
New This Month: 1
New This Week: 1
New Today: 0
Total Posts: 42854
Total Topics: 7464
Most Online Today: 112
Most Online Ever: 2482
(April 09, 2011, 07:02:45 pm)
Users Online
Members: 0
Guests: 42
Total: 42

Author Topic: Menu Editor Pro vulnerable to hacks/infections?  (Read 5426 times)

0 Members and 1 Guest are viewing this topic.

Offline rexall

  • Member
  • *
  • Posts: 10
    • View Profile
    • Mind-Body Thailand
Menu Editor Pro vulnerable to hacks/infections?
« on: August 21, 2014, 11:10:41 pm »
Fri 22 Aug 2014, 10:56 am


I have a minimal skill set, so I can't speak to this in an authoritative way, and I would have preferred to send this directly to Admin/Support, but there doesn't seem to be any easy way to do that, so here we are.

Recently my hosting account was attacked and all seven of my SMF & WordPress sites where seriously infected.  All but one was completely knocked out.  So far, it has taken a month and cost hundreds of dollars to begin to get cleaned and restored.  Early reports were that it was a vulnerability in a WordPress "Mail Poet" newsletter plugin.  Now my tech guy is saying something about Menu Editor Pro.  I hope he is wrong (or if he is right, that the mod can be hardened in some way)  because this is a really sweet MOD that does everything that I want, and that I really need to make my site work the way I need it to.  

Anwway, for whatever it is worth, here, partially is what he said this morning:

Quote from: Nikola
During this process I noticed the possible problem with a mod you had installed - Menu Editor Pro. Looks like that mod is adding quote some additional files to original default install of SMF, which on my first sight looks quite unprotected, and that fact plus the info that all of those files was most infected on server say that this exact mod can be (I'm still not 100% sure) the target and a way for hackers to "get in". I will inspect further with KKF case as well . . .

Have there been any other experiences like this lately with this MOD?


Khon Kaen, Thailand
« Last Edit: August 21, 2014, 11:12:40 pm by rexall »

Offline Labradoodle-360

  • Moderator
  • Full Member
  • *****
  • Posts: 156
    • View Profile
Re: Menu Editor Pro vulnerable to hacks/infections?
« Reply #1 on: September 01, 2014, 09:03:35 am »
Sorry for such a late reply.

First of all, no. There have been no other similar experiences with this modification, or any of my modifications. WordPress is known to be one of the biggest security hole filled software, while SMF is known for it's security, and my modification is an extension of that quality and security. I have had other good programmers review my code and none of them have come up with any security flaws - and I haven't seen or heard of any either.

If he has actual proof, I would love to see it. But I doubt there is any. It's way way more likely this is a WordPress vulnerability again.

Best Regards,
Matthew P. Kerle
 Former SMF Developer

Offline Lugo_PLC

  • Member
  • *
  • Posts: 2
    • View Profile
Re: Menu Editor Pro vulnerable to hacks/infections?
« Reply #2 on: November 05, 2014, 04:27:27 am »

Offline Labradoodle-360

  • Moderator
  • Full Member
  • *****
  • Posts: 156
    • View Profile
Re: Menu Editor Pro vulnerable to hacks/infections?
« Reply #3 on: November 10, 2014, 08:57:47 am »
You're welcome! Best of luck.


Related Topics

  Subject / Started by Replies Last post
3 Replies
Last post January 23, 2014, 10:55:55 am
by guest12036
5 Replies
Last post November 21, 2014, 11:31:08 pm
by SMFHacks
1 Replies
Last post October 23, 2015, 06:23:41 pm
by Labradoodle-360
4 Replies
Last post April 28, 2016, 02:53:14 pm
by Labradoodle-360
4 Replies
Last post June 26, 2016, 11:03:43 am
by Labradoodle-360

+- Recent Topics

Is the PayPal Sandbox still working? by Nicole
Today at 06:51:18 am

Question on Completed Listing & Reserve Price by Nicole
June 01, 2023, 06:06:12 pm

[Mod]GDPR Helper by Nicole
May 29, 2023, 11:58:49 pm

RSS Feed Poster Database Error by SMFHacks
May 22, 2023, 06:26:18 pm

Errors With Older Version. by Ken.
May 09, 2023, 05:35:40 pm

Pretty Urls SEO Pro by SMFHacks
May 06, 2023, 03:30:11 pm

New Post Image Upload Error by Mike66
April 28, 2023, 07:30:28 am

Copyright Removal Key by SMFHacks
April 03, 2023, 02:44:28 pm

Converting from Aeva Media by sudhakar
April 02, 2023, 11:09:54 am

Using SMF's Built-in Search Algorithm by shuban
March 27, 2023, 09:15:10 am

Powered by EzPortal