-
Dear Alex,
i have the same problem with kaswara. I tried to reinstall the plugin but i cant reactivate my licence code. Could you help me with this problem?
I deleted the app now completely, so should be okay now right ? Or do i still need to use a backup copy from previously ?
Also, my website security checker is saying the following are majorly outdated:
WPBakery Page Builder < 6.4.1 – Authenticated Stored Cross-Site Scripting (XSS)Please can you advise, what needs to be done? Because WPBakery I cannot update in wordpress. It says it need to come with theme updateand jquery i dont know how to updateprathadsan
If your site has been infected, then you need to use the old and clean version .
Thanks
The vulnerability patch provided in the plugin version 2.3.4 does not work.
Here’s what we’ve done:
- Cleaned all site files and removed any exisiting malware
- Updated theme to latest version using files downloaded from envato (Confirmed version 5.3.6)
- Updated WordPress version to latest
- Updated any plugins that may have needed updating
- Changed all user passwords
- Removed the plugin entirely – deactivated plugin then deleted files via SSH/SFTP
- Installed updated kaswara plugin from “Install required plugins” section (Confirmed verion 2.3.4)
- Scanned site to confirm that all files are clean as well as having Malcare manually check the files
After all this the site is infected again.
Disabling the plugin is something we want to avoid as many parts of the site rely on what was provided with the theme in the first place. Doing so would mean we would have to rebuild many parts of the site/theme ourselves.
We are thinking about purchasing support again but at the moment we are unsure if this would be money wasted if this fix can’t be fixed in a timely matter by your team.
Dear Alex,
Like many of us, I do not have much time to get on this issue to fix it (even more because I am NOT webdesigner/IT guy). I know you are not the one to blame for this mess, but you are front-line…
I purchased a theme that was well recommended, took a LOT of time to build it the way we wanted, and now I have to change it?
I already had to pay a 250€ to the company that is hosting our website to have them clean up the virus, and now we are still facing issues ….
This is the last message they sent me, hopefully you will be able to fix it.
”
Hello,
I had seen the link, it is written there:
“Due to the developer’s unresponsiveness, a patch may not be released, in which case we recommend finding a reasonable replacement that is being actively maintained by its developer.”There is no patch, there will not be one and it is highly recommended to replace the extension.
Compared to the message from the support, the indications are not good, the only method I see to re-download ksawara is:
Appearances >> About Autozone
On this page, we see that the license is not activated and when we click on Addon Ksawara, we get a WordPress message: Sorry, you are not allowed to access this page.
The link of the page causing the message: https://td-luxe.com/wp-admin/admin.php?page=kaswara-frameworkMaybe they will have the solution for this message or can they just simply provide the ksawara zip?”
Thank you in advance
I cant activate the theme – it just says “THEME NOT ACTIVATED” when I enter the purchase key. Any help please?
Private Content HiddenHello,
I have version 2.3.4 and every day it puts virus folders in there. How can I stop having viruses in this folder?
Thank you for your help
I have version 2.3.4 and every day it puts virus folders in there. How can I stop having viruses in this folder?
Wich folder and where ? Please try be more details . Thanks
Hello,
I cant activate the theme “THEME NOT ACTIVATED” when I enter the purchase key.
Can you help me?
Thanks
Hmmm you say “Done”, but it still says “Theme not activated” – see attachment…
Also, I can’t find anywhere “Appearance -> Install Required Plugins”.
Attachments:
You must be logged in to view attached files.Same here …
Attachments:
You must be logged in to view attached files.The virus files go into this folder /public_html/wp-content/uploads/kaswara/fonts_icon
In addition there are virus files in the wp-content folder and in public_html
Please try to use a clean version of the site before hacking, but do not forget to reinstall the plugin . Thanks
Hi Alex,
The situation is a real nightmare, we used Kaswara in almost every page of our website.
We cleaned the install and reinstall the plugin and the hack come back again.
Could you propose another solution or maybe advise another plugin to the job ?
We are really in despair.
Thanks a lot.
Private Content HiddenAlex,
Could you please activate my theme ?? Kawsara is a plugin used everywhere on my website and I can’t do anything, not even modifying elements !!
Please Help
contact_115
We also use this plugin on many of our templates and are interested in finding a solution, unfortunately it may take some time . If your site is hacked again, it is possible that the malicious files are located in other places of the sites and a simple update of the plugin will not help . You only need to use a backup copy of the clean version that was created 1-2 weeks before the infection . Thanks
tdluxe
This topic is for solving the problem with the kaswara plugin, please be very clear in your messages so that it does not take time to understand your messages .
Thanks
We also saw an script injection in the JS field in the custom settings of Kaswara if that could help everybody. See attached file
I saw the plugin version is now 2.1. Is it better ? I hope cause I deleted al the files.
Thanks a lot again.
Attachments:
You must be logged in to view attached files.We also saw an script injection in the JS field in the custom settings
Yes, you should also delete this code after updating the plugin .
Please use only Version: 2.1 | Mod 4 or Version: 2.3.4 .
Thanks
Hello,
It doesn’t work, I uninstalled the plugin and reinstalled the plugin. All the defective files have been deleted and every day the virus files come back.
Moreover in the backoffice, the Kaswara addons are not displayed on the visual composer
Thank you for your help
Private Content HiddenHi,
Are you able to provide the patch for these files?
Version: 2.1 | Mod 4 or Version: 2.3.4
Thanks
If you cannot get this plugin for some reason, then write to the mail:info@templines.com request and attache your purchased code.
We’ve fixed another vulnerability in Kaswara version 2.5 | Mod 5 (updated 15 may)
Hi Alex,
Really sorry but news are bad.
I delete ALL the files and resinstall the whole WordPress with my clean files dated 9th january (without Kaswara). Then I reinstall Kaswara through required plugins, so I obtained the version 2.1. This morning the hack has come again : Kaswara is still vulnerable…
Private Content HiddenHi Alex,
First of all I tell you to take it easy. Problems happen and we have to be tolerant. We pay a theme for only 70 $ which is excellent and helps us to do business every day. So, thanks for your work.As for the problem, I eliminated the plugin completely and the virus disappears. I installed the version 2.5 as you mentioned but the malware appears immediately. Am I doing something wrong?
CJRMotors
You need to scan the site for malicious files in other places . Usually this is the root of your site , you can check them yourself or ask your hosting provider .
malware appears immediately
Where exactly does it appear ?
First of all I tell you to take it easy.
Thank you for your understanding .
You must be logged in to reply to this topic.