Blacklist Warnings for Users of the Stream-Video-Player WordPress Plugin

If you are using the plugin stream-video-player, it might be a good idea to disable this plugin for now.

The plugin loads a Flash player from “http://rod.gs/_SVP/5.7.1896/player.swf?ver=1.3.2″, a domain (rod.gs) which is currently blacklisted by Google, so anyone visiting your site will get the cross-site warning message. Since it is a popular plugin (with more than 100k downloads), this could be affecting quite a few websites.

This is the message users would see:

www.site.com contains content from rod.gs, a site known to distribute malware. Your computer might catch a virus if you visit this site.

Google has found malicious software may be installed onto your computer if you proceed. If you’ve visited this site in the past or you trust this site, it’s possible that it has just recently been compromised by a hacker. You should not proceed, and perhaps try again tomorrow or go somewhere else.

We have already notified rod.gs that we found malware on the site. For more about the problems found on rod.gs, visit the Google Safe Browsing diagnostic page.

Getting blacklisted stinks, but it’s worse when your site isn’t the source.

Unless you want your users to get a warning message every time they visit your site, it is a good idea to disable this plugin.


Is your website infected with malware and need professional assistance? Get protect with Sucuri Security.

Scan your website for free:
About David Dede

David Dede is a Security Researcher in the SucuriLabs group. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.