X
    Categories: SEOWordpress

Google Blocking Websites Infected with Malware Through Fancybox-for-WordPress

If you use the WordPress plugin “Fancybox-for-Wordpress” , you want to ensure that you have updated the latest version, as there is an exploit that is injecting malware into WordPress sites.

The exploit is hard to spot, and you might not realize you are infected until you receive an email from Google to inform you that the website is an infected, a notification within Google Webmaster Tools about the malware or it is showing up in the search results with the malware warning.

Even if you don’t think you’ve been infected because you haven’t received the warning, if you are running an older version you are still vulnerable. Depending on how recently your site has been crawled by Googlebot, your site could be infected but Google hasn’t discovered it yet.

With over 600,000 downloads, it is a fairly popular WordPress plugin. It’s essentially gives webmasters the ability to place a box anywhere on the site, such as for an image.

The infected versions are version 3.0.2 or lower, so if your site is running any of the affected versions, your site is vulnerable to the exploit. The updated version has been released, and it also features a change that will prevent any malicious code from being displayed to users, even if exists in the database. So this will help those who have been infected but might not have the skills needed to know how to remove it from the database.

Sucuri Blog did a full analysis on what the vulnerability was and how websites were attacked, if you want the full details.  Many websites were infected with the “203koko” Iframe injection.

It iss also a good reminder that you always want to make sure you are using the most up-to-date plugins, that you are set up in Google Webmaster Tools to be alerted if Google ever discovers malware on your sites and be proactive in checking for any kind of spam issues on your site.

The following two tabs change content below.

Jennifer Slegg

Founder & Editor at The SEM Post
Jennifer Slegg is a longtime speaker and expert in search engine marketing, working in the industry for almost 20 years. When she isn't sitting at her desk writing and working, she can be found grabbing a latte at her local Starbucks or planning her next trip to Disneyland. She regularly speaks at Pubcon, SMX, State of Search, Brighton SEO and more, and has been presenting at conferences for over a decade.
Jennifer Slegg :Jennifer Slegg is a longtime speaker and expert in search engine marketing, working in the industry for almost 20 years. When she isn't sitting at her desk writing and working, she can be found grabbing a latte at her local Starbucks or planning her next trip to Disneyland. She regularly speaks at Pubcon, SMX, State of Search, Brighton SEO and more, and has been presenting at conferences for over a decade.