2 matches found
Digital Climate Strike WP <= 1.0.0 - Redirect to Malicious Website due to Compromised JS Asset
The plugin loads a JavaScript asset from a remote website which seems to have been compromised. The widget.js file, loaded from https://assets.digitalclimatestrike.net/widget.js, redirects users to gladdiatordotio and is being flagged as malicious. I've reported this to the plugin authors but hav...
WordPress Digital Climate Strike WP plugin <= 1.0.0 - Redirect to malicious websites
Redirect to malicious websites found by Steve Perry in WordPress Digital Climate Strike WP plugin versions = 1.0.0. Solution 2021-01-21 - we were unable to find a patched version of this plugin. WordPress.org notification: "This plugin has been closed as of January 20, 2021 and is not available f...