
WordPress Hack: OptimizePress + Digital Access Pass + Paypal Diverted Funds

Hey guys, I’ve confirmed 3 hacks in the last 24 hours on my clients’ WP sites.
So far, all 3 sites use a combination of OptimizePress and Digital Access Pass (DAP).
The vulnerability seems to come from an outdated version of OptimizePress, which allows the hacker to gain admin access to WordPress.
He then changes the Paypal receiver email in DAP so that sales are diverted into his account.
It seems that the hacker is injecting PHP scripts at the server level, because I’ve found several malicious PHP files in the /dap/ directory.
Here’s what you should do right now:
1. Go into your WordPress site and update ALL of your plugins, themes, and your WordPress version.
Don’t forget to update any apps that aren’t native to WordPress but interface with WordPress (e.g. DAP).
2. If you’re using DAP, go to DAP => Setup => Config => Paypal.
If you don’t recognize the email address in this field then you’ve definitely been hacked.
Please note that if the email in the Paypal email field is yours, it does NOT mean you haven’t been hacked.
If you are positive you’ve been hacked, here’s what you should do right now:
1. Get in touch with your hosting company immediately and share this memo with them (additional technical notes at the bottom).
Ask them to run a malware scan and help you identify/clean up the intrusion.
2. If they try to charge you to diagnose/fix the problem, and if the price is reasonable considering the sales you’re currently losing, then pay it and enlist their help.
If it’s unreasonable you can go to Upwork, post a job for malware removal and get a contractor’s help.
3. If you’d like my personal help with this situation, I’m working with a contractor to remediate hacked websites now.
Please get in touch at victor.dorfman(at)
If you’re not sure whether or not your site’s been hacked:
1. If your site is making any kind of income, I recommend doing the steps above just to be safe.
2. Install the WordFence WordPress plugin and monitor current activity to see if any funky IP addresses are trying to access any strange-looking URLs on your domain.
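Because the malicious PHP files turned up in the /dap/ directory, one direct check is to compare that directory against a clean copy of the same DAP version. The script below is an added example, not part of the original memo and not DAP's or OptimizePress's own code; it assumes you have extracted a fresh vendor package to a separate folder, and the function names and extension list are illustrative.

```python
import hashlib
import sys
from pathlib import Path

# Extensions a PHP handler commonly executes (assumption; match your server config).
PHP_SUFFIXES = {".php", ".phtml", ".php5", ".phar"}


def sha256_of(path):
    """Stream a file through SHA-256 so large files are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def manifest(root):
    """Map each PHP file under root (relative POSIX path) to its SHA-256."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_of(p)
        for p in root.rglob("*")
        if p.is_file() and p.suffix.lower() in PHP_SUFFIXES
    }


def audit_dap(installed_dir, clean_dir):
    """Compare the live /dap/ tree with a clean copy of the same DAP version."""
    live, ref = manifest(installed_dir), manifest(clean_dir)
    return {
        # Present on the server but not in the vendor package: review first.
        "added": sorted(live.keys() - ref.keys()),
        # Same path, different content: possible injected code.
        "modified": sorted(f for f in live.keys() & ref.keys() if live[f] != ref[f]),
        # Shipped by the vendor but gone from the server.
        "missing": sorted(ref.keys() - live.keys()),
    }


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: audit_dap.py <installed dap dir> <clean dap dir>")
    report = audit_dap(sys.argv[1], sys.argv[2])
    for kind, files in report.items():
        for name in files:
            print(f"{kind.upper():9}{name}")
    # Non-zero exit when anything was added or modified, for use in cron/CI.
    sys.exit(1 if report["added"] or report["modified"] else 0)
```

Site-specific configuration files will legitimately show up as added or modified, so review each flagged file rather than deleting on sight.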
Please share this message in the relevant membership groups/social media.
