Security Breach

#899985
  • Resolved Yovan Singh
    Rank Math free

    I have installed your plugin on my website which is http://www.duramarkets.com

    and I found the PHISHING attempt.
    Here are the reported URLs:
    hxxps://duramarkets[.]com/mb/net/auth/index.php [194.164.71.166]
    hxxps://duramarkets[.]com/mb/net/auth/rebill.php [194.164.71.166]

    reported by Hostinger.

    I need full information and clarification about it.

    Your plugin showed a security compromised alert. So I removed your plugin from my website.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Hello,

    We apologize for the issue you are facing regarding a potential security breach. It’s important to address such concerns promptly.

    The URLs you mentioned appear to be related to phishing attempts, and it’s crucial to ensure your website’s security. However, we want to clarify that our plugin itself does not create or host any malicious content. If you received a security alert after installing our plugin, it could be a false positive or related to other factors on your site.

    To investigate this further, we recommend the following steps:

    1. Scan Your Website: Use a reputable security plugin or service to scan your website for malware or vulnerabilities.
    2. Check for Other Compromises: Ensure that your website and hosting environment are secure. This includes checking for outdated software, themes, or plugins that may have vulnerabilities.
    3. Contact Your Hosting Provider: Since your hosting provider reported the phishing attempt, they may have additional insights or recommendations on how to secure your site.
    4. Review Access Logs: Check your server access logs for any suspicious activity that could indicate how the breach occurred.

    If you would like more detailed assistance or if you believe this is directly related to our plugin, please reply to this ticket, and a human agent from the Rank Math Support team will take over and provide further assistance.

    Thank you for bringing this concern to our attention, and we hope to help you resolve it soon!
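
One way to carry out the access-log review from step 4 above, as an added example that is not part of the original thread or Rank Math's code: it finds the first time a file under the reported `/mb/net/auth/` path was served, then lists the successful POST requests in the preceding window as places to look for how the files were written. The combined log format, the 24-hour window, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Path prefix shared by both URLs reported in the ticket.
REPORTED_PREFIX = "/mb/net/auth/"

# Assumption: Apache/nginx common or combined log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def parse(line):
    m = LOG_RE.match(line)
    if not m:
        return None  # skip lines that are not in the expected format
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec

def triage(lines, window=timedelta(hours=24)):
    """Return (first 200 response under the reported path, earlier successful POSTs)."""
    recs = sorted(filter(None, map(parse, lines)), key=lambda r: r["ts"])
    hits = [r for r in recs
            if r["path"].startswith(REPORTED_PREFIX) and r["status"] == 200]
    if not hits:
        return None, []
    first = hits[0]
    # Successful POSTs before the files existed: logins, uploads, editors.
    suspects = [r for r in recs
                if r["method"] == "POST" and r["status"] < 400
                and first["ts"] - window <= r["ts"] < first["ts"]
                and not r["path"].startswith(REPORTED_PREFIX)]
    return first, suspects

# Constructed sample lines (documentation IP ranges), not real log data.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET / HTTP/1.1" 200 5120',
    '198.51.100.9 - - [01/Jan/2025:10:05:00 +0000] "GET /mb/net/auth/index.php HTTP/1.1" 404 310',
    '198.51.100.9 - - [02/Jan/2025:03:10:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '198.51.100.9 - - [02/Jan/2025:03:12:00 +0000] "POST /wp-admin/update.php?action=upload-plugin HTTP/1.1" 200 900',
    '192.0.2.44 - - [02/Jan/2025:03:20:00 +0000] "GET /mb/net/auth/index.php HTTP/1.1" 200 2048',
    '192.0.2.44 - - [02/Jan/2025:03:21:00 +0000] "POST /mb/net/auth/rebill.php HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    first, suspects = triage(SAMPLE)
    print("first served:", first["ts"], first["ip"], first["path"])
    for s in suspects:
        print("earlier POST:", s["ts"], s["ip"], s["path"], s["status"])
```

The earlier 404 for the same path shows the files did not exist at that time, which narrows the window in which they were placed on the server.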

    Your plugin has vulnerabilities. It showed there. Please check your logs. Due to your plugin we faced a huge loss.

    Hello,

    Thank you for contacting Rank Math support.

    In the previous update of our plugin, we fixed all known vulnerabilities. Also, no known POP chain was present in our plugin. This means that the vulnerabilities could only be used by users with admin rights and not by attackers.

    So, the phishing attack on your site isn’t related to our plugin. If you have any proof that relates the attack to our plugin, please feel free to share it.

    Hope that helps. Please do not hesitate to let us know if you need our assistance with anything else.

    Hello,

    Since we did not hear back from you for 15 days, we are assuming that you found the solution. We are closing this support ticket.

    If you still need assistance or any other help, please feel free to open a new support ticket, and we will be more than happy to assist.

    Thank you.


The ticket ‘Security Breach’ is closed to new replies.