I received this message from my Hosting Provider. He claims that malware on my site has caused spam emails from other peoples websites. Is that even possible?
Here's the note;
We found malware on the XXXX account that was used to send spam. We removed malicious code injections from legitimate files and the following malware:
Removed malicious file: /home/XXXX/public_html/referral/catimages/cweper.php
Removed malicious file: /home/XXXX/public_html/mail.php
The following outdated software installations need to be updated to the latest version along with all addons, components, plugins, templates, etc. to prevent future script exploits:
Vulnerable Applications:
========================================
Gravity Forms Plugin :: 1.7.9 :: /home/XXXX/public_html/wp-content/plugins/gravityforms
For instructions on updating your Gravity Forms Plugin instance(s) to the latest version (1.9.6), please see the link below:
----------------------------------------
http://www.gravityhelp.com/forums/topic/how-to-upgrade-your-current-license
Alternatively, you can download the full Gravity Forms Plugin package here:
----------------------------------------
http://www.gravityhelp.com/downloads/
You can download the full Gravity Forms Plugin upgrade package here:
----------------------------------------
http://www.gravityhelp.com/downloads/
===========================================
Please contact me ASAP to ensure these problems are fully resolved as they have caused our (XXXX Hosting) main IP address to appear on several blacklists. Several of our clients' email accounts are affected