Google Maps by Reumer, 3.5, Malicious update
20 Oct 2017
"Version 3.3 of this plugin is listed in the JED and appears to be clean.
However once installed, the Joomla update manager prompts you to update this extension to a version 3.5 (which is not officially published).
This version contains hidden backlinks and potential backdoor, with tracking information about the website running the plugin and user."
How should you respond?
Most Joomlers probably only need to display a map on their Find Us page.
An image link to a Google Map (of your post code) is just as effective in these instances as a complex plugin.
In fact, we have found that a simple image link offers better usability for visitors who use phones and tablets.
If your map needs are more complex then you may wish to use the JED to shop around for an alternative plugin.
Subscribe to the VEL Newsletter
The VEL Newsletter contains regular announcements about vulnerable extensions.
If you see an extension that you use is listed then you should immediately:
- look for an alternative,
- or contact the developer for clarification.
You can of course unpublish a listed extension but this will not of itself protect your website from being compromised.
WYNCHCO Joomla! CMS Support
We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.