Critical Malware | ww.wp.xz.cn

Resolved wphyp
(@wphyp)

1 year, 6 months ago
I received a warning about this file. Please assist me with this issue
- Filename: /public_html/wp-content/plugins/ml-slider/lib/appsero/VERSION
- File Type: Not a core, theme, or plugin file from ww.wp.xz.cn.
- Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: 2.0.3.1\x0a
  
  The issue type is: IOC:TXT/WP-VCD.IPs.6675
  Description: A file containing a list of IP addresses, common in WP-VCD infections.

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author Steve Burge
(@stevejburge)

1 year, 6 months ago

Hi @wphyp. Please log in to your site via SFTP and check the contents of this file on your site: /public_html/wp-content/plugins/ml-slider/lib/appsero/VERSION

Here’s what this file looks like normally. It literally only contains the version number: https://plugins.svn.ww.wp.xz.cn/ml-slider/tags/3.93.0/lib/appsero/VERSION

Plugin Author Steve Burge
(@stevejburge)

1 year, 6 months ago

@wphyp After looking at this carefully, we’re pretty sure this is a false positive. The version number changed from 2.0.3 to 2.0.3.1.

Our guess is that the security scanner is not the smartest and thinks that 2.0.3.1 is an IP address.

Thread Starter wphyp
(@wphyp)

1 year, 6 months ago

Thanks Steve!

Plugin Author Steve Burge
(@stevejburge)

1 year, 6 months ago

Sure thing, thanks @wphyp. Please always feel free to ping us if you see an issue like this.

If you appreciate MetaSlider, please take a moment to leave a positive review: https://ww.wp.xz.cn/support/plugin/ml-slider/reviews/#new-post

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Critical Malware’ is closed to new replies.

4 replies
2 participants
Last reply from: Steve Burge
Last activity: 1 year, 6 months ago
Status: resolved