Mailchimp plugin makes my site vulnerable

Hi there,

I ran a scan with SiteLock and found many vulnerabilities.
I've just installed Mailchimp Integration, adding newsletter subscription in my website footer. A few hours later, I was notified that my website is vulnerable.
How do I proceed? I probably need to remove the Mailchimp plugin. But that's one of the main reasons I chose wpmudev.
SiteLock sent a notification that I should pay $300 for a one-time adjustment or $99 monthly to solve that issue.

  • Milan

    Hello @Fabio,

    Welcome to WPMU DEV.

    I trust you are having a good day and thanks for posting. :slight_smile:

    Sorry to hear about your issue. Would you please provide me a little more information, like what the notice is all about? What are the issues SiteLock described in the notification? And did you ask them what the real cause of your issue is, MailChimp Integration or another plugin?

    Is there any way I can check the whole report?

    Please advise me and provide a little more information, so that I can debug further.

    Best Regards,
    Milan.

  • Fabio

    Hi Milan,
    Thanks for your answer.

    I'm not an expert, so I don't know the real causes.
    I accessed the SiteLock dashboard.

    XSS Scan - Failed - 11/19/2015
    SMART Synchronization - partial - 11/30/2015

    If I go to the details there are lots of notifications. And it's getting bigger every day.
    I realized that most of them have mailchimp in the url.
    I've added mailchimp in the footer. So I think that's why it shows up on almost every page.

    I think I can't show it here because our conversation is open and my site is a little bit vulnerable. Hope you understand.

    thanks again

    Best,
    Fabio

  • Milan

    Hello @Fabio,

    I hope you are having a good day and sorry for being late here.

    Could you please send me your ftp, wp-admin and sitelock credentials via our secure contact form: https://premium.wpmudev.org/contact/. I can assure you that by this way your credentials will not be shared publicly. :slight_smile:

    Select "I have a different question" for your topic. And the subject line will ensure that it gets assigned to me :slight_smile:

    Send in:

    Subject: "Attn: Milan Savaliya"
    -WordPress admin username
    -WordPress admin password
    -login url
    -FTP credentials (host/username/password)
    -sitelock credentials.
    -link back to this thread for reference
    -any other relevant urls

    Once we have this information then we can debug the issue further :slight_smile:

    Look forward to hearing back! let me know once you send me credentials. :slight_smile:

    Cheers,
    Milan Savaliya.

  • Milan

    Hello @Fabio,

    Thank you for sending me the credentials. :slight_smile:

    It seems like I need to include our valuable SLS (Second Line Support) person to assist you further. I've notified SLS staff about your problem. They will get back to you soon. Please note that the response from SLS will be slightly slower than the usual staff response, so meanwhile please be patient. I hope you will co-operate.

    Best Regards,
    Milan Savaliya.

  • Hoang Ngo

    @Fabio,

    Looks like it's just a false alarm. Most of the vulnerabilities refer to _wp_http_referer, which is native WordPress functionality for checking the URL referer.

    But this parameter gets sanitized before display, and it isn't saved anywhere, so I don't think this is the case.

    Can you please check with SiteLock whether they have any other ideas? We will monitor this thread and take action right away if we find something wrong with the security.

    Best regards,
    Hoang
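
The reply above turns on one question: does the value a scanner injects into `_wp_http_referer` come back in the page raw, or escaped? The following is an added example, not code from this thread or from WordPress or the Mailchimp plugin, showing how to triage such a finding offline. `render_referer_field` only mimics the hidden-input pattern WordPress core emits for `_wp_http_referer` (via `wp_referer_field()`), with an `escape` switch so both outcomes can be compared; `classify_reflection`, `triage` and the sample payload are assumptions made for the example.

```python
"""Triage a scanner's reflected-XSS finding on a hidden form parameter.

Constructed example: the hidden field below is modelled on the shape of the
_wp_http_referer input WordPress forms emit, but it is not WordPress code.
"""
import html
from urllib.parse import quote

# Probe a scanner typically injects: closes the attribute, then adds a tag.
PAYLOAD = '"><svg onload=alert(1)>'


def render_referer_field(request_uri: str, escape: bool = True) -> str:
    """Render a hidden referer field the way a server-side form would.

    escape=True mimics escaping the value before output, which is the
    behaviour described in the thread.  escape=False is the raw reflection
    a scanner would have to observe for the finding to be a real issue.
    """
    value = html.escape(request_uri, quote=True) if escape else request_uri
    return f'<input type="hidden" name="_wp_http_referer" value="{value}" />'


def classify_reflection(body: str, payload: str) -> str:
    """Classify how (or whether) a payload is reflected in a response body.

    'raw'        -> payload landed verbatim inside the HTML: true positive
    'escaped'    -> HTML-entity encoded, inert in an attribute: false positive
    'urlencoded' -> percent-encoded, also inert in HTML: false positive
    'absent'     -> payload not reflected at all
    """
    if payload in body:
        return "raw"
    if html.escape(payload, quote=True) in body:
        return "escaped"
    if quote(payload, safe="") in body:
        return "urlencoded"
    return "absent"


def triage(request_uri: str, escape: bool) -> str:
    """Render the field for a probed URI and classify the reflection."""
    body = render_referer_field(request_uri, escape=escape)
    return classify_reflection(body, PAYLOAD)


if __name__ == "__main__":
    probed_uri = "/?_wp_http_referer=" + PAYLOAD
    print("escaped before display :", triage(probed_uri, escape=True))
    print("reflected raw          :", triage(probed_uri, escape=False))
```

In practice you would feed `classify_reflection` the body returned by the live page after requesting it with the scanner's payload in `_wp_http_referer`; an `escaped` or `urlencoded` result supports the false-alarm conclusion, while `raw` means the finding deserves a fix regardless of which plugin rendered the field.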