Malware in Rankmath plugin

#69986
  • Resolved Blogging QnA
    Rank Math free

    I just uninstalled the Rank Math plugin from my site because it was injecting malware into my site.

    For the last two days, I was unable to log in to my website dashboard, then I contacted the SiteGround affiliate team.

    They told me to restore the backup on the first day and change the login URL and password of the site.

    I did it and it was solved. Today, in the morning, when I was trying to log in, the same problem occurred again.

    My site was redirecting to some malicious sites which are not secure, and I was not able to log in to my website dashboard.

    I again contacted the SiteGround team and they scanned the whole site and told me that the Rank Math plugin is injecting malware on my site.

    They told me to uninstall the plugin.

    I was shocked to hear this. Rank Math is one of the popular plugins these days.

    Below I have attached the chat screenshot; you can see that.

    Image link : https://ibb.co/C5Dp6RS

    Then, from my SiteGround file manager, I deleted the Rank Math plugin, and after that I was able to log in to my dashboard.

    For testing, after logging in to the dashboard I installed Rank Math again, and after a few minutes the same thing happened again.

    I was not able to log in. It was redirecting to some other malicious sites. Then I understood that the fault is with the Rank Math plugin.

    Now I have removed Rank Math completely and everything is clear now.

    What is the issue is rankmath is not safe.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Hello

    Thank you for contacting the support and sorry for any inconvenience that might have been caused due to that.

    Can you please confirm which version of the Rank Math plugin you were using?

    Unless you were using an older plugin, exploiting Rank Math is not possible.

    It could be a situation where some other plugin/theme was compromised and the redirections were created using Rank Math’s redirection module.

    Looking forward to hearing from you.

    Thanks for the response.

    I was using the latest version of the plugin. I set auto update for that, so I was always using the latest version.

    It was Version 1.11.1

    Hello, these are the plugins I was using:

    Akismet Anti-Spam
    All In One WP Security
    Contact Form 7
    Easy Table of Contents
    Google Tag Manager for WordPress
    GP Premium
    Header and Footer Scripts
    Link Whisper
    OneSignal Push Notifications
    Site Kit by Google
    Social Snap
    ThirstyAffiliates
    Thrive Architect
    Thrive Leads
    Ultimate Blocks
    UpdraftPlus – Backup/Restore
    Wordfence Security
    WP Table Builder
    WP Rocket

    Is this possible because I was not using the latest version?

    Hello,

    Yes, using the latest version is always recommended and that could be an issue.

    We might need to take a closer look at the settings. Please edit the first post on this ticket and include your WP logins in the designated Sensitive Data section.
    Sensitive Data Section

    It is completely secure and only our support staff has access to that section. If you want, you can use the below plugin to generate a temporary login URL to your website and share that with us instead:

    https://wordpress.org/plugins/temporary-login-without-password/

    You can use the above plugin in conjunction with the WP Security Audit Log to monitor what changes our staff might make on your website (if any):

    https://wordpress.org/plugins/wp-security-audit-log/

    We really look forward to helping you.

    Hello,

    I have updated the sensitive data as requested. Can you please check further?

    Thank you.

    Hello,

    It seems like everything is working fine.

    Can you please check in an incognito window?

    It seems like you were using an older version of either Rank Math, SiteKit or some other plugin that led to this issue.

    It should be all fine.

    Please check the users registered on your website and see if you see any unwanted user there.

    Also, this might be helpful as well:
    https://www.wordfence.com/blog/2020/05/vulnerability-in-google-wordpress-plugin-grants-attacker-search-console-access/

    Looking forward to helping you. Thank you.

    Thanks for your support.

    Hello,

    Happy to help.

    If you need any further assistance, please feel free to open a new support ticket.

    We are here to help.

    Thank you.


The ticket ‘Malware in Rankmath plugin’ is closed to new replies.