Describe the issue or problem
hacker able to install plugin and change content in the server rootkitninja ojs 3.4.0.5
how to trace when the hacker install the plugin and can we trace which account install it?
it install in import export plugin directory
seems alot of ojs installation is affected by this mostly from indonesia.
file location is outside public_html
Steps I took leading up to the issue
What application are you using?
ojs 3.4.0.5
Additional information
.