Bad URL in UpdraftPlus file

[SteveParticipant]

Hi there,

The following file was correctly found by Wordfence this morning as containing a blacklisted URL:

Filename: wp-content/plugins/updraftplus/includes/class-onedrive-account.php
File Type: Not a core, theme, or plugin file from wordpress.org.
Bad URL: https://login.microsoftonline.de/common/oauth2/v2.0/authorize

Details: This file contains a URL that is a suspected phishing site that is currently listed on Google’s list of known phishing sites. The URL is: https://login.microsoftonline.de/common/oauth2/v2.0/authorize

Screenshot of issue:
https://www.dropbox.com/s/53w9yz9bsixitdo/bad-url.png?dl=0

Please can you let me know what can be done, or if an update will be due?
I would like to avoid blacklisting of the 25 websites that use UpdraftPlus!

Many thanks
Steve Day

[ByronParticipant]

Following: Also received this warning from Wordfence.

[BillieParticipant]

Following: Also received this warning. Checked the downloaded zip file that I purchased recently and the downloaded file contains the same phishing url. So, this was not injected after uploading to my site.
Thank you for a great product!

[BillieParticipant]

Following: Also received this warning. Checked the downloaded zip file that I purchased recently and the downloaded file contains the same phishing url. So, this was not injected after uploading to my site.
Thank you for a great product!

[RossParticipant]

I’m in the same position with all of my clients’ sites…

[udadminKeymaster]

Hi,

It’s an official site of Microsoft Germany: https://docs.microsoft.com/en-us/office/enterprise-includes/o365endpoints/office-365-germany-endpoints

Please do report this false positive to Wordfence so that they can fix it.

Best wishes,
David

[RossParticipant]

Thanks, David. That’s very good to know. We can also report this as a false positive to Google via https://safebrowsing.google.com/safebrowsing/report_error/?hl=en

[udadminKeymaster]

[EdwardParticipant]

Same here, I’m getting this error on 20+ sites that I host for clients, but I do believe it’s a valid, Microsoft URL that has somehow been flagged by Google (which is where Wordfence gets it’s list from)

If you try to visit the URL both Google and Firefox will warn you that it’s been flagged as a deceptive site.

===========
Filename: wp-content\plugins\updraftplus\includes\class-onedrive-account.php

File Type: Not a core, theme, or plugin file from wordpress.org.

Bad URL: https://login.microsoftonline.de/common/oauth2/v2.0/authorize

Details: This file contains a URL that is a suspected phishing site that is currently listed on Google’s list of known phishing sites.

The URL is: https://login.microsoftonline.de/common/oauth2/v2.0/authorize
============

[udadminKeymaster]

I would like to avoid blacklisting of the 25 websites that use UpdraftPlus!

There’s zero danger of that; UpdraftPlus doesn’t have reason to put anything, ever on the front-end of your site.

The URL appears in the source code, because it’s used to authenticate with Microsoft Germany when using OneDrive for Germany.

[ScottParticipant]

Yep, got the critical warning here too. Glad to see I’m not the only one.

[BettyParticipant]

Getting the same message

[AnonymousInactive]

Also have the same message- glad I’m not the only one!

[udadminKeymaster]

To all those adding “me too” messages… please read further up the thread for the final outcome; it’s already there.

[BillieParticipant]

So, you want us to report it to wordfence and safebrowsing? I don’t feel like I’m informed enough to report it. Seems like that’s something that you guys at UpdraftPlus should do.

[Author]

Posts